319,90€
Data protection policy
Personal Data Processing Manager
Personal data collected on the Website is processed by CROSSCALL its capacity as data controller, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, effective as of May 25, 2018, and Law No. 2018-493 of June 20, 2018.
Contact details of the data controller
CROSSCALL
245 Paul Langevin Street
Les Milles Business Park
13290 Aix-en-Provence
SIRET: 518 706 890 00069
Representative: Mr. Cyril VIDAL, in his capacity as President
Processing of Collected Personal Data
CROSSCALL collect your personal data through this website for various purposes, including:
1. Create your customer account and manage your orders
| Purpose of collection | Purposes | Data collected | Legal basis | Shelf life |
|---|---|---|---|---|
| Creating a customer account | The necessary data is collected for the creation of an account. | Required: Last name, first name, date of birth, title, and email address / Optional: address, cell phone number, employment status, sports played, children | Consent | Until consent is withdrawn |
| Order management | The necessary data is collected for the processing and tracking of your orders on the website. | account creation data Credit card number, cardholder name, security code |
Performance of the contract | Payment by credit card: 540 days from the transaction date (via our partner Ogone Worldline) Payment by PayPal: Personal data used in the context of the ongoing relationship between you and PayPal is stored for the duration of the relationship plus a period of 10 years Commercial documents are kept for 10 years from the last contact. |
| Management of payment in several monthly installments | The necessary data is collected to ensure your creditworthiness and authorize payment in several monthly installments. | Last name, first name, address, date and place of birth, credit card number, cardholder name, security code, etc. | Legitimate interest | ONEY: If payment is accepted, for the entire duration of the loan + 5 years for evidence purposes in the event of a dispute / 6 months in the event of payment refusal. |
| Returns management | The necessary data is collected to process your requests for withdrawal of products purchased on the website and to inform you about this process. | Last name, first name, address, email, phone number, product reference and model | Performance of the contract | Commercial documents kept for 10 years from the last contact |
| Claims/litigation management | The necessary data is collected to process your claims. | Last name, first name, address, email, phone number, IMEI, and date of purchase | Performance of the contract / legitimate interest | In the event of a dispute, the data is retained for the duration of the contract plus the limitation period. |
2. Responding to your requests
| Purpose of collection | Purposes | Data collected | Legal basis | Shelf life |
|---|---|---|---|---|
| Contact form management | The necessary data is collected to respond to users’ requests (such as obtaining information about an order, invoice, or referral program), to enable users to chat with a CROSSCALL employee, to submit partnership or ambassador applications, and to receive CROSSCALL news CROSSCALL consent. | Last name, first name, email, message For partnership/ambassador requests, your discipline and profession are also collected. |
Legitimate interest | Until the request is processed |
| Quotation request management | The necessary data is collected to respond to requests for quotes and send promotional offers if you have consented to this. | Required: Last name, first name, phone number, email address, country, company name, job title, desired product and volume, project description | Consent | 3 years after your last contact / until you unsubscribe from marketing communications |
| Management of requests to exercise rights | The necessary data is collected to process the request to exercise rights made via the dedicated form. | Required: Nature of the request, email address, name, account or order number . Proof of identity in the case of a request for access rights. |
Legal obligation | Identity document if requested: Deleted immediately after verification : 1 year in the active database and 5 years in the intermediate database before deletion |
| Handling requests made via the chatbot | Improving the quality of services Providing personalized service by reviewing chat history |
Conversations (content of exchanges, number of conversations, duration, date) Visitor’s IP address (for evidentiary purposes in the event of a dispute) Data provided directly by the visitor (e.g., name, email address, phone number) |
Consent | The data is retained for the time it takes to respond and for a maximum of one year |
3. Handling your requests with customer service
| Purpose of collection | Purposes | Data collected | Legal basis | Shelf life |
|---|---|---|---|---|
| Handling requests made by phone | The necessary data is collected in order to contact you and process your request. | Required: Last name, first name, address, email address, phone number, IMEI, purchase invoice | Consent | The data is kept for the time it takes to respond and for a maximum period of 2 years. |
| Management of service requests for repairs as part of after-sales service | The necessary data is collected for product support, to contact you, and to return the repaired product. | Required: Name, address, email address, phone number, IMEI, purchase invoice | Warranty agreement / Legitimate interest | The time required to process your request + 2 years / 2 years after the end of the warranty period if the device is under warranty |
| Handling customer service requests submitted via the chatbot | Handle inquiries related to product after-sales service | Conversations (content of exchanges, number of conversations, duration, date) Visitor’s IP address (for evidentiary purposes in the event of a dispute) Data provided directly by the visitor (e.g., name, email address, phone number) |
Consent | The data is retained for the time it takes to respond and for a maximum of 5 years |
4. Manage recruitment
| Purpose of collection | Purposes | Data collected | Legal basis | Shelf life |
|---|---|---|---|---|
| Application management | The necessary data is collected to process applications submitted online or by mail. | Last name, first name, email address CV data: address, phone number, age, gender, family status, education, and professional experience | Legitimate interest | 2 years from receipt of your resume |
5. To offer you promotional offers and contests
| Purpose of collection | Purposes | Data collected | Legal basis | Shelf life |
|---|---|---|---|---|
| Newsletter management | The necessary data is collected for sending personalized promotional emails and promotional offers, including one specifically for birthdays. | Newsletters: Name, email address / Promotional offers: Name, email address, and date of birth | Consent | Data deleted upon unsubscription or 3 years after last contact |
| Contest management | The necessary data is collected for the purpose of organizing events and sending out prizes won. | Last name, first name, email address, phone number, and mailing address (depending on the purpose of the contest) | Consent | Data deletion 2 months after delivery of the lots If consent to the newsletter: until unsubscribing |
| Refund offer management | The necessary data is collected to reimburse you and send newsletters with your consent. | Name, email address, phone number, and mailing address (depending on the purpose of the contest) | Consent | Deletion of data within a maximum of 3 years after the end of the contract / until unsubscribing from the newsletter if consent to the newsletter has been given. |
6. Enabling us to develop our products and services
| Purpose of collection | Purposes | Data collected | Legal basis | Shelf life |
|---|---|---|---|---|
| Opinion poll management | The necessary data is collected to understand your use of our products. | Name, email address, and phone number, company name, and occupation | Consent | Deletion after processing of survey results / If consent to be contacted again has been given, data deleted upon unsubscribing |
| User experience management | The necessary data is collected to gather your feedback on the products in order to improve them/contact you for further details about your responses. | Gender, First name, Email address, Country | Consent | 2 years, then anonymization |
| Participation in the community of innovators | The necessary data is collected to manage registrations and recruitment to the community of innovators, and to conduct market research, satisfaction surveys, and studies of needs and usage. | Last name, first name, email address, date of birth, city, country, children (yes/no), sports practiced, frequency, other possible and non-mandatory information: apartment/house, type of car (and desired), desired clothing brand, professional category, work schedule, work environment, income bracket. | Consent and then performance of the contract / Legitimate interest | Until unsubscribing |
RECIPIENTS
The recipients of this data are:
- The service provider providing the Customer Relationship Management (CRM) system and the Marketing Cloud system;
- The service provider providing the online questionnaire deployment tool;
- The service provider implementing online payment solutions;
- Service provider responsible for delivering orders;
- Repair centers;
- The service provider providing the application management solution;
- CROSSCALL external DPO CROSSCALL connection with a data subject request.
TRANSFER TO THIRD PARTIES AND OUTSIDE THE EUROPEAN UNION
Your personal data is primarily processed within the European Union.
However, for the purposes described above, some of your personal data may be transferred to third-party entities located in countries outside the European Union (e.g., the company’s subcontractors involved in the aforementioned processing, etc.).
Some of these entities receiving your personal data are considered to provide an adequate level of protection for personal data because they are established in a country whose personal data protection regulations have been recognized as ensuring an adequate level of protection for such data (seethe European Commission’s adequacy decisions)
Furthermore, if the country of the entity receiving your personal data does not offer an adequate level of protection for such data, we ensure that appropriate security and confidentiality measures are taken to guarantee the continued protection of your data.
In such cases, you are informed that transfers of your personal data to entities outside the European Union are governed by the implementation of appropriate safeguards, such as the conclusion, with the recipients of such data, of contractual clauses in accordance with the European Commission’s recommendations, ensuring that appropriate safeguards are in place regarding the protection of said data.
We further inform you that transfers of personal data outside the European Union are lawful if (i) the transfer is necessary for the performance of a contract between the data subject and the Data Controller or for the implementation of pre-contractual measures taken at the request of the data subject, if (ii) the transfer is necessary for the conclusion or performance of a contract concluded in the data subject’s interest between the data controller and another natural or legal person, or if (iii) the data subject has given explicit consent to the proposed transfer, after being informed of the risks that such a transfer may entail for them due to the absence of an adequacy decision and appropriate safeguards.
CROSSCALL be required to disclose personal data to the competent authorities and agencies in response to requests for information or in connection with administrative or judicial decisions.
DATA SECURITY
CROSSCALL to ensuring the security of your personal data hosted on its servers. The company strives to implement the necessary technical and organizational security measures to guarantee the integrity, confidentiality, and availability of your data.
CROSSCALL employees CROSSCALL access to the personal data of Website users by virtue of their position are bound by the strictest confidentiality in this regard.
The CROSSCALL website CROSSCALL the TLS encryption protocol to ensure the confidentiality and integrity of your data transmitted via the site and to ensure client-server authentication.
You can view our security certificate, issued by a third party, by clicking on the padlock icon in your browser’s address bar.
PERSONAL RIGHTS AND MEANS OF EXERCISING THEM
In accordance with Law No. 78-17 of January 6, 1978, relating to Information Technology, Files, and Civil Liberties (Articles 38, 39, 40), and the General Data Protection Regulation, you have various rights regarding the use of your personal data. These rights are as follows:
- Access: Exercising the right of access allows the User to check the accuracy of the data and, if necessary, have it corrected or deleted.
- Rectification: The right to modify allows the User to update their data;
- Portability: Exercising the right to data portability allows the User to transfer their data to a third party of their choice;
- Deletion: Exercising the right to deletion allows the User to have their data deleted.
- Objection: Exercising the right to object allows the User to object to the use of their data for a specific purpose;
- Limitation: Exercising the right to limitation allows the User to request that an organization temporarily freeze the use of some of their data.
You may exercise these rights by contacting CROSSCALL Data Protection Officer CROSSCALL the form available on the following page:Personal Data Management
Please note that CROSSCALL also allows CROSSCALL to update your personal information and withdraw your consent to receive commercial and promotional offers directly from your customer account. You can also unsubscribe from any communications by clicking the unsubscribe link at the bottom of the emails you receive.
If, after contacting CROSSCALL data controller or data protection officer, you believe that your data protection rights have not been respected, you may file a complaint online with theFrench Data Protection Authority (CNIL)orby mail at 3 place de Fontenoy – TSA 80715 – 75334 Paris Cedex 07
ABOUT COOKIES
This site uses cookies to ensure proper functioning and enhance the user experience: normal navigation on the site, video playback, sharing content on social media, and measuring page traffic. Strictly necessary cookies are those related to the functioning of the site.
This site also uses analytics cookies to improve the site’s functionality. All data collected by these cookies is anonymous.
Advertising cookies are used to display ads tailored to users’ interests and to measure the effectiveness of advertising campaigns.
See the cookie policy to learn more.
PRIVACY POLICY CHANGE
CROSSCALL update this privacy policy from time to time. We therefore encourage you to review it regularly to ensure you are familiar with the latest version.