The purpose of this charter (hereinafter referred to as the "Charter") is to inform users of the https://crosscall.com website (hereinafter referred to as the "Site") of the measures and commitments taken by CROSSCALL (hereinafter referred to as " CROSSCALL ") concerning the confidentiality of personal data of Site users, as well as the cookie policy implemented by CROSSCALL.
Site users are strongly advised to consult the Charter regularly before consulting and using the Site.
ARTICLE 1 - SCOPE OF APPLICATION
The Charter applies to the Site, to the exclusion of third-party websites and services to which the Site may refer or provide access.
In particular, the Site may contain links to other sites over which CROSSCALL exercises no control. CROSSCALL endeavors to include on the Site only links to Internet sites that comply with the same rules as its own in terms of personal data and security. However, CROSSCALL cannot be held responsible for the protection and privacy of information communicated by Site users on other Internet sites. Site users are advised to exercise caution and to familiarize themselves with the rules applicable to personal data on each site concerned. Personal data that Site users choose to provide to third parties or that is collected by them is not covered by the Charter.
ARTICLE 2 - DATA CONTROLLER
Personal data on the Site are collected by CROSSCALL.
CROSSCALL is a French limited company (société anonyme) with an Executive Board and Supervisory Board, with share capital of 250,880 euros, registered in the Aix-en-Provence Trade and Companies Register under number 518 706 890, with intracommunity VAT number FR 25 518 706 890 000, and headquartered at 245 RUE PAUL LANGEVIN - ZONE D'ACTIVITES DES MILLES - 13290 AIX EN PROVENCE, represented by Mr Cyril VIDAL, in his capacity as Chairman.
ARTICLE 3 - PERSONAL DATA COLLECTED
In connection with the use of the Site and depending on the service used by the user on the Site, CROSSCALL may collect and process name, date of birth, gender, e-mail address, home/postal address, telephone number, telephone serial number (IMEI), IP address, geolocation, login, password, connection and browsing data, order history, bank details, preferences and interests, products viewed and purchased, delivery incidents and complaints.
The compulsory or optional nature of data is indicated at the time of collection by the use of an asterisk. Refusal to provide compulsory data may lead to the restriction or prohibition of the benefit of a feature or service.
CROSSCALL is led to collect this information in particular when a user of the Site :
- create a customer account,
- place an order on the Site,
- browse the Site,
- contacts CROSSCALL customer service (SAV),
- communicates with CROSSCALL (e-mail, chat, etc.).
- completes a web form
- participates in a sponsorship program
- takes part in a competition
ARTICLE 4 - USE OF PERSONAL DATA
The data collected helps CROSSCALL to establish and manage its relations with Site users, and to offer them a personalized experience in line with their needs and interests.
CROSSCALL may use their personal data to :
- execute a transaction or an order,
- create a customer account,
- prevent and detect security threats, fraud and other malicious activities,
- provide information on CROSSCALL products and services,
- to provide and improve the services provided by CROSSCALL, in particular its customer service,
- provide information on new services and benefits,
- send commercial offers and personalized information (newsletters, telephone canvassing, etc.),
- customize the Site,
- measure the effectiveness of marketing campaigns, advertisements and web pages,
- allow Site users to participate in contests, promotions, sweepstakes, surveys or the referral program
- enable the activation and registration of products or services, such as keeping track of products that have been placed in the shopping cart by Site users,
- collect requests for information and complaints from users of the Site,
- manage a job application,
- manage event registration,
- use social networks to share content,
- collect and distribute contributions such as comments, ratings, etc.
Credit card information is only used for the time required to complete a transaction, unless the Site user requests that it be retained for a subsequent purchase.
ARTICLE 5 - RECIPIENTS OF PERSONAL DATA AND TRANSFERS
5.1 The data collected on the Site is intended for CROSSCALL and its group subsidiaries.
It may nevertheless be transmitted to or consulted by third-party companies (subcontractors) used by CROSSCALL to carry out certain services and orders placed via the Site, such as :
- the service provider responsible for operating the Site,
- the service provider responsible for hosting it,
- the service provider responsible for preparing and shipping the order,
- the service provider responsible for transporting the products ordered or to be repaired,
- the service provider responsible for the sponsorship program
- CROSSCALL 's bank and/or its payment service provider,
- customer service providers, especially repair centers,
- the service provider responsible for sending newsletters.
- CROSSCALL's banking institution and/or its payment service provider, and, where applicable, its service provider involved in processing tax returns.
These service providers are contractually bound to maintain the integrity and confidentiality of data received on behalf of CROSSCALL and may only use it in accordance with the instructions of CROSSCALL in order to perform the services they carry out for CROSSCALL, which in any event remains solely responsible for its processing.
5.2 Direct and indirect marketing
CROSSCALL may, subject to the prior consent of the user, use the information in its possession concerning the user of the Site in order to provide the user with information concerning its products, promotions, special offers and other information relating to its products or services or which, in the opinion of CROSSCALL, may be of interest to users of the Site.
CROSSCALL may send this information by :
- E-mail address ;
- Phone ;
- SMS or MMS text message and/or any other form of electronic message ;
- Conventional mail or any other means ;
- Promotional banner on third-party sites or social networks;
- Internet search engine.
Site users will be asked to indicate whether or not they consent to this information being used for direct and indirect marketing purposes, whether by CROSSCALL or by a third party (including its commercial partners). To this end, they must tick one or more boxes to express their express consent, after having familiarized themselves with the various commercial actions that may be carried out on the basis of the information they wish to communicate.
Thus, CROSSCALL uses information relating to Site users who have given their prior consent to direct and indirect marketing actions, solely within the limits of the use to which they have knowingly consented.
Users of the Site may at any time revoke their agreement or lack of agreement, or the scope of the agreement previously given with regard to direct and indirect marketing, by completing the form accessible via the URL: https: //crosscall.com/gestion-des-donnees-personnelles/.
In addition, when CROSSCALL sends direct or indirect marketing messages to users of the Site, it will remind them of their right to request that such communications cease.
5.3 Transfer to third parties or outside the European Union
In general, unless otherwise specified in the Charter, CROSSCALL undertakes not to share any personal information with third parties without the express prior consent of the Site user, except in the event that CROSSCALL needs to :
- respond to requests for information from competent authorities;
- comply with regulations or an administrative or judicial decision;
- detect and prevent security threats, fraud and other malicious activities ;
- enforce and protect the rights of CROSSCALL and its subsidiaries; or
- protect the rights or personal safety of CROSSCALL, its employees and third parties.
Personal data collected via the Site is hosted on servers located in France and the United States.
Should CROSSCALL communicate the personal data of Site users to a company in the CROSSCALL group or to a third party located outside the European Economic Area, CROSSCALL will have first taken measures to ensure that said data will benefit from the same level of protection as that imposed by applicable data protection law.
ARTICLE 6 - PROTECTION OF MINORS' PRIVACY
The Site is not intended for minors. However, access to the site is not restricted to adults, as long as it does not contain any content that is forbidden to under-18s.
The Site is not intended to collect the personal data of minors.
If a minor's information is nevertheless collected, the minor's legal representative may contact CROSSCALL to rectify, modify or delete this information in accordance with article 6 of the French Data Protection Act, in application of the provisions of article 7 below.
ARTICLE 7 - RIGHTS RELATING TO THE PROCESSING OF PERSONAL DATA
7.1 Right of access, modification, rectification and deletion
Site users have the right to access their personal data and, where applicable, to request :
- rectification or deletion of said data;
- the limitation of the processing of said data by CROSSCALL,
- opposition to the processing of personal data concerning them;
- all information relating to their data.
Notwithstanding the aforementioned rights, CROSSCALL will not be obliged to intervene on data that remains essential for compliance with CROSSCALL's legal and regulatory obligations.
To this end, users of the Site should contact CROSSCALL by filling in the form accessible via the URL: https: //crosscall.com/gestion-des-donnees-personnelles/ or by sending a letter to the address of its registered office:
CROSSCALL
245 RUE PAUL LANGEVIN - ZONE D'ACTIVITES DES MILLES
13290 AIX EN PROVENCE
In accordance with current regulations, the request must be signed and accompanied by a photocopy of an identity document bearing the signature of the Site user making the request, and must specify the address to which the reply should be sent. A reply will be sent within 1 month of receipt of the request.
7.2 Right to data portability
Site users also have a right to the portability of the personal data concerning them that they have communicated to CROSSCALL in the course of using the Site, enabling them to recover part of their data recorded by CROSSCALL on the Site in order to store it or transmit it easily from the Site to another Internet site, with a view to its re-use for personal purposes.
To this end, Site users must send a request to this effect to CROSSCALL by filling in the form provided for this purpose on the Site, which can be accessed via the "Personal data management" tab. On receipt of the duly completed form from the Site user, CROSSCALL will send the user his or her personal data as soon as possible, and within one month at the latest, unless the request is exceptionally extended to three months due to the complexity of the Site user's request.
Users of the Site are informed that only the following personal data are concerned by this right to portability:
- data actively and knowingly provided by Site users requesting portability (e.g. postal address, user name, etc.);
- data resulting from the use of the Site by said users (e.g. search history, user location data).
Under no circumstances may the right to portability apply to all personal data held by CROSSCALL concerning users of the Site, which may result from an analysis carried out by CROSSCALL on the basis of data supplied by users of the Site. Such data may, however, be consulted by Site users as part of their request for access to their personal information, as referred to in point 7.1 above.
7.3 Unsubscribing from the Newsletter
CROSSCALL offers Internet users who no longer wish to receive the newsletter the option of unsubscribing by clicking on the appropriate link in one of the newsletters, via their customer account, or by contacting CROSSCALL at marketing@crosscall.com, specifying the e-mail address to be unsubscribed.
7.4 Opposition to cold calling
If Site users do not wish to receive telephone solicitations, they should send their telephone number to CROSSCALL at the following e-mail address marketing@crosscall.com, or by post to the address given in article 7.1 above.
Site users will then receive a receipt specifying the date on which their registration will become effective, with a maximum of 30 days after the receipt is issued. The receipt will also indicate the duration of registration on this opposition list.
ARTICLE 8 - DATA PROTECTION
CROSSCALL takes all reasonable steps to protect the personal data of Site users, including, by way of example :
- it uses encryption to guarantee data confidentiality;
- it uses reliable protection mechanisms to shield data from malicious attacks;
- it has implemented visit control mechanisms, allowing only authorized personnel to access personal data;
- it has ensured that its employees understand the importance of protecting personal data through training sessions on security awareness and confidentiality protection provided by the Data Protection Officer (DPO) appointed by CROSSCALL .
CROSSCALL takes all measures reasonably possible to limit the personal data of Site users to sufficient and relevant data.
CROSSCALL retains personal data only for as long as is necessary for the purposes set out in this Policy and will not retain personal data for longer unless a longer retention period is required or permitted by law.
CROSSCALL is required to archive the data collected in order to meet its legal obligations in this respect.
CROSSCALL makes every effort to protect the personal data of Site users against damage, loss, misappropriation, intrusion, disclosure, alteration or destruction.
CROSSCALL has implemented a number of security measures to prevent unauthorized access and/or distribution, preserve the integrity of data and ensure that it is used in accordance with the purpose for which it was collected.
CROSSCALL employees who, by virtue of their position, have access to the personal data of Site users undertake to maintain the strictest confidentiality in this respect.
When CROSSCALL sends highly confidential information (such as a credit card number or password) over the Internet, it is protected by encryption methods such as SSL (Secure Socket Layer).
However, CROSSCALL does not control all the risks associated with the operation of the Internet and draws the attention of Site users to the existence of possible risks in terms of occasional loss of data or breach of confidentiality of data transiting via this network.
ARTICLE 9 - RESPECT FOR PERSONAL DATA
9.1 CNIL declaration :
CROSSCALL protects the personal data of the Site's users by complying with current legislation and in particular the European Data Protection Regulation (RGPD) No. 2016/679 of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
The processing of personal data carried out within the framework of the Charter has been declared to the Commission National Informatique et Liberté (CNIL) under number 2173236 v 0.
9.2 DPO declaration :
CROSSCALL has also appointed AESATIS, a limited liability company with capital of €38.010 €, whose registered office is located at 79 b, avenue de l'Europe - 13127 Vitrolles, registered with the Trade and Companies Register of Salon de Provence under number 501 097 216, represented by Mrs. Bernadette LEROY, in her capacity as Managing Director, as Data Protection Officer (DPO), as referred to in Article 37 of the RGPD, in order to support and assist it in the process of compliance with said RGPD.
9.3 User complaints :
9.3.1 CROSSCALL: For any questions, comments or suggestions, users of the Site may contact CROSSCALL by e-mail at the following address: marketing@crosscall.com.
9.3.2 With the CNIL: Users of the Site also have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL), the supervisory authority responsible for compliance with obligations in respect of personal data in France, by sending a letter to the following address: 3, place de Fontenoy - TSA 80715 - 75334 Paris Cedex 7.
ARTICLE 10 - COOKIES
Users of the Site are informed that when they consult the Site, cookies are placed on their computer, cell phone or tablet.
The first time Site users browse the Site, a banner appears describing the precise purposes for which cookies are used, the possibility they have of objecting to them, and informing them that continuing to browse the Site implies consent to the deposit and use of cookies on their terminal. If they do not accept the use of cookies, Site users must deactivate them by following the instructions below.
Definition. A cookie is a file containing small amounts of information that is downloaded to the Site user's computer or mobile device when they visit the Site.
Cookies perform various functions, such as enabling them to navigate efficiently between different pages, save their preferences and generally improve their experience of the Site. On their computer, phone or tablet, cookies are managed by their Internet browser.
However, the data obtained is restricted. It concerns only the number of pages visited, the city where the IP address used to connect to the website is located, the frequency and recurrence of visits, the duration of the visit, and the browser, operator or type of terminal from which the visit is made. Under no circumstances are data such as the surname, first name or postal address of the website user obtained.
CROSSCALL uses the following cookies :
Strictly necessary cookies :
These cookies are necessary for the operation of the Site. They enable Site users to use the essential functions of the Site, such as accessing secure areas, playing videos, remembering their preferences in order to personalize their user interface (for example, their choice of language or region) or maintaining an active session. These cookies do not collect any personally identifiable information. All the information these cookies collect is anonymous.
Accepting these cookies is a necessary condition for using the Site. If users of the Site refuse them, CROSSCALL will not be able to ensure normal browsing on the Site.
Functionality cookies :
They are used to enable use of the Site's various functions and to improve its operation.
These cookies do not collect any information that could identify users of the Site. All the information these cookies collect is anonymous and is only used to improve the functionality of the Site.
If Site users deactivate these cookies, some or all of these functions may no longer be available. Site users will find more information on the functionality cookies that CROSSCALL uses and their purposes in the table below:
- Cookies Google Analytics Social networks Popup opening ;
- Features Site audience measurement Sharing content on social platforms and tracking subscribers' browsing on the Site ;
- Measuring the time spent on a page ;
- Functionality cookie for the MentionMe referral program;
- Access and recipients Google Facebook, Twitter, Google+, etc. CROSSCALL.
Analysis cookies :
They enable CROSSCALL to recognize and count the number of users and to know how users move around the Site. This enables CROSSCALL to improve the functionality of the Site, for example, by ensuring that Site users can easily find what they are looking for. These cookies do not collect any personally identifiable information. All information collected by these cookies is anonymous and only used to improve the functionality of the Site.
The website uses Google Analytics cookies. The information collected by Google Analytics cookies will be transmitted and hosted by Google on servers located in the United States of America in accordance with their privacy policy. For an overview of Google's privacy policy and how it applies to Google Analytics, visit https://www.google.fr/intl/fr/policies/privacy/.
Advertising cookies :
These are cookies used to display advertisements or send you information tailored to your interests on or off our site while you are browsing the Internet. In particular, they are used to limit the number of times you see an advertisement and to help measure the effectiveness of an advertising campaign.
The refusal of these advertising cookies has no impact on the use of our site. However, refusing advertising cookies will not stop advertising on our site or on the Internet.
This will only have the effect of displaying advertising that does not take your interests or preferences into account. These cookies are mainly third-party cookies. These cookies depend mainly on advertising agencies. CROSSCALL is unable to list them exhaustively.
Cookies Tags partners Redirection :
These are cookies which identify the user of the Site in order to offer them advertising tailored to their centers of interest on third-party sites and to direct them to the third-party distributor who sells the product they are looking for in-store or on the Internet.
Access and recipients Criteo, Next Performance, Adverline, Facebook Exchange, etc. Zanox
Deactivating, setting, deleting and expiring cookies :
Site users can deactivate or configure cookies by clicking on the "Cookie management" tab on the Site.
However, if they decide to deactivate all cookies via their browser settings, in particular cookies used to operate the Site (e.g. cookies used to save their shopping basket or to connect to their account), they may no longer be able to access all or part of the Site.
Furthermore, deactivating a cookie or a category of cookies does not remove them from the browser, as deletion requires a specific action.
Continued browsing implies acceptance, and the period of validity of Site users' consent is a maximum of thirteen (13) months. If the Site user accepts cookies, they will remain stored on his/her computer for five (5) years, unless the Site user deletes them via his/her browser.
Failing this, cookies expire and are therefore deactivated 13 months after their first deposit in the terminal equipment of the Site user.
ARTICLE 11 - UPDATING THE CHARTER
CROSSCALL reserves the right to update or modify the Charter from time to time. CROSSCALL will publish the modified Charter on the Site, or notify Site users by e-mail, as the case may be; Site users are advised to check the content of the Charter regularly.