Choisissez votre pays et votre langue
DATA PROTECTION POLICY
Personal Data Controller
Personal data on the Site is collected by CROSSCALL in its capacity as data controller, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 applicable as of 25 May 2018 and Law n°2018-493 of 20 June 2018.
Contact details of the data controller
CROSSCALL SA
245 rue Paul Langevin
Zone d'activité
des Milles
13290 Aix en Provence
SIRET : 518 706 890 00069
Representative
Mr Cyril VIDAL in his capacity as Chairman
Processing of collected personal data
CROSSCALL is likely to collect your personal data through this site for various purposes, namely :
1. Create your customer account and manage your orders
| Purpose of collection | Goals | Collected data | Legal basis | Shelf life |
|---|---|---|---|---|
| Customer account creation | Necessary data is collected to create an account | Mandatory: Surname, first name, date of birth, title and address e-mail address / optional: address, cell phone number, professional sports practiced, children | Consent | Until consent is withdrawn |
| Order management | The necessary data is collected for the processing and follow-up your orders on the website |
Account creation data Credit card number, cardholder's name cardholder, cryptogram |
Contract performance |
Payment by credit card: 540 days from transaction date
(by partner Ogone Worldline) Payment by PayPal PayPal: Personal data used as part of the ongoing relationship relationship between you and PayPal are stored for the duration of the the duration of the relationship, plus 10 years Business documents stored for 10 years from last contact |
| Manage payment in instalments | The necessary data is collected in order to ensure your solvency and authorize payment in several monthly instalments. monthly installments | Surname, first name, address, date and place of birth, credit card number, cardholder's name cardholder's name, cryptogram, etc. | Legitimate interest | ONEY: If payment is accepted, for the duration of the loan +. 5 years for evidentiary purposes in the event of dispute / 6 months in the event of refusal of payment |
| Withdrawal management | The necessary data is collected in order to process your requests to withdraw for products purchased on the web and to inform you about this process | Surname, first name, address, e-mail address, telephone number, product reference and model product | Contract performance | Commercial documents kept for 10 years from last contact |
| Claims/litigation management | The necessary data is collected to process your complaints | Surname, first name, address, e-mail address, telephone number, IMEI and date of purchase | Contract performance / legitimate interest | In the event of a dispute, data is kept for the duration of the contract of the contract plus the statute of limitations |
2. Responding to your requests
| Purpose of collection | Goals | Collected data | Legal basis | Shelf life |
|---|---|---|---|---|
| Contact form management | The necessary data are collected to respond to requests from requests (e.g. to obtain information about orders, invoices or sponsorship), allow people to communicate by chat with a CROSSCALL a CROSSCALL employee, to make Partnership / Ambassador requests and to receive Ambassador and to receive CROSSCALL news on request. consent. |
Last name, First name, e-mail, message For partnership/ambassador requests, the following information is also collected discipline and profession |
Legitimate interest | Until the request is processed |
| Quote request management | The necessary data is collected to respond to requests for quotations and to send you promotional offers if you have given your consent. consent. | Mandatory: Surname, first name, telephone number, e-mail address, country function, desired product and volume, project description project description | Consent | 3 years after your last contact / until you unsubscribe from commercial information |
| Managing requests to exercise rights | The necessary data is collected in order to process the request formulated via the dedicated form |
Mandatory: Type of request, e-mail, name, account number
or order number Identification if requesting access rights |
Legal obligation |
Identity document if requested: Removed
immediately after verification 1 year in active base and 5 years in intermediate database before deletion |
3. Handle your customer service requests
| Purpose of collection | Goals | Collected data | Legal basis | Shelf life |
|---|---|---|---|---|
| Handling telephone requests | The necessary data is collected in order to contact you and process your request | Mandatory: Surname, first name, address, e-mail and telephone number, IMEI, purchase invoice | Consent | Data is kept for the time it takes to provide a response, and for a a maximum of 2 years |
| Management of after-sales service requests for repairs for repairs | The necessary data is collected to take charge of the product, contact you contact you and return the repaired product. | Mandatory: Name, address, e-mail and telephone number, IMEI, purchase invoice | Guarantee contract / Legitimate interest | Time to process your request + 2 years / 2 years after end of warranty if device under warranty |
4. Manage recruitment
| Purpose of collection | Goals | Collected data | Legal basis | Shelf life |
|---|---|---|---|---|
| Application management | The necessary data is collected to process applications applications online or by post | Last name, first name, e-mail CV data: address, telephone number, age, family status, education and professional experience | Legitimate interest | 2 years from receipt of your CV |
5. Provide you with promotional offers and contests
| Purpose of collection | Goals | Collected data | Legal basis | Shelf life |
|---|---|---|---|---|
| Newsletter management | The necessary data is collected for the sending of personalized promotional offers, including one specific specific to the anniversary date | Newsletters: Name, e-mail address / promotional offers: Name, e-mail address and date of birth | Consent | Data deleted on unsubscription or 3 years after last contact contact |
| Contest management | Necessary data is collected for the realization of the and the dispatch of prizes | Surname, first name, email address, telephone number and postal address (depending on the the subject of the competition) | Consent |
Deletion of data 2 months after delivery of prizes If consent to newsletter: until unsubscription |
| Refund offer management | The necessary data is collected to reimburse you and to send newsletters with your consent | Name, email address, telephone number and postal address (depending on the the subject of the competition) | Consent | Deletion of data within 3 years of termination of contract contract / until unsubscribing from newsletter if consent to to newsletter |
6. Allow us to develop our products and services
| Purpose of collection | Goals | Collected data | Legal basis | Shelf life |
|---|---|---|---|---|
| Opinion survey management | The necessary data is collected to understand your use of our of our products | Name, e-mail address and telephone number, company name and profession | Consent | Deletion of survey results at the end of processing / If consent to be contacted again, data deleted upon unsubscribe |
| User experience management | The necessary data is collected in order to gather your feedback experience with our products, so that we can develop them further / or recontact you for further information on your responses | Gender, First name, e-mail address, country | Consent | 2 years, then anonymized |
| Participation in the community of innovators | The necessary data is collected to manage registration and recruitment and recruitment to the community of innovators, and to carry out market research, satisfaction, needs and usage studies | Last name, first name, e-mail, date of birth, city, country, Children Y/N, Sports practised, frequency, Other possible but not compulsory : apartment/house, type of car (and desired), brand of clothing desired, Professional category, Working hours, working environment, Income bracket | Consent then contract performance / Legitimate interest | Until unsubscribed |
MEMBERS
The recipients of this data are :
- The provider of the Customer Relationship Management (CRM) and Marketing Cloud systems;
- The service provider providing the tool for deploying the online questionnaires ;
- The service provider implementing the online payment solutions ;
- Order delivery service provider ;
- Repair centers ;
- The service provider providing the application management solut--ion applications ;
- CROSSCALL 's external DPO in the event of a legal claim.
TRANSFER TO THIRD PARTIES AND OUTSIDE THE EUROPEAN UNION
Your personal data is preferably processed in the
the European Union.
For the above-mentioned purposes, some of your personal data may, however
transferred to third parties established in countries outside the
established in countries outside the European Union (eg.
company's subcontractors involved in the above-mentioned processing operations, etc.).
processing, etc.).
Some of these entities receiving your personal data are considered to
personal data are considered to provide a sufficient level of protection
protection of personal data because they are established in a country
in a country whose regulations on the protection of personal data have been
protection has been recognized as providing an adequate level of protection
protection of your personal data (cf. European Commission adequacy decisions)
Furthermore, if the country of the entity receiving your personal data
does not offer an adequate level of protection for your personal data, we ensure that
we ensure that appropriate security and confidentiality measures are taken to
confidentiality measures are taken to ensure that your data remains
protection of your data.
In such cases, you are informed that transfers of your personal data to other
personal data to other entities outside the European Union
are subject to the implementation of appropriate safeguards, such as the conclusion of
contractual clauses with the recipients of such data, in accordance
in accordance with the recommendations of the European Commission
to ensure that appropriate safeguards are in place
regarding the protection of said data.
We would also like to point out that transfers of personal data outside the
outside the European Union are lawful if (i) the transfer is
necessary for the performance of a contract between the data subject and the
data controller or for the implementation of pre-contractual
at the request of the data subject, if (ii) the transfer is necessary for the conclusion or
transfer is necessary for the conclusion or performance of a contract
concluded in the interests of the data subject between the controller
and another natural or legal person, or if (iii) the Data Subject has given his or her
data subject has given his or her explicit consent to the intended
after having been informed of the risks that this transfer could entail for him/her
transfer could entail for him/her due to the absence of an adequacy decision and of
appropriate guarantees.
CROSSCALL may be required to transfer personal data to the competent
authorities in the context of requests for information or administrative
administrative or judicial decisions.
DATA SECURITY
CROSSCALL guarantees the security of your personal data
hosted on its servers. The company makes every effort to take the necessary
necessary to guarantee the integrity, confidentiality and availability
the integrity, confidentiality and availability of your data.
CROSSCALL employees who have access to the personal data of users of the
users of the Site by virtue of their position undertake to maintain the utmost
confidentiality in this respect.
The CROSSCALL web site uses the TLS encryption protocol
encryption protocol to ensure the confidentiality and integrity of your data
transmitted via the site and to ensure client-server
client-server authentication.
You can consult our security certificate, issued by a third party,
by clicking on the padlock icon in your browser's address bar.
browser address bar.
PERSONAL RIGHTS AND HOW TO EXERCISE THEM
In accordance with the French Data Protection Act no. 78-17 of January 6, 1978 Informatique, aux fichiers et aux Libertés (articles 38, 39, 40), and to the General Data Protection Regulations, you have a number of rights regarding rights with regard to the use made of your personal data. of your personal data. These rights are as follows:
- Access: Exercising the right of access enables the User to to check the accuracy of the data and, if necessary, to have them rectified or deleted;
- Rectification: Exercising the right to modification allows the User to the User to update his/her data;
- Portability: Exercising the right to data portability enables the User to forward his or her data to a third party of his or her choice;
- Deletion: Exercising the right to deletion allows the User to the User to obtain the deletion of his/her data;
- Opposition: Exercising the right to oppose allows the User to to oppose the use of their data for a specific purpose;
- Limitation: Exercising the right to limitation allows the User to the User to ask an organization to temporarily freeze the use of certain the use of some of their data.
These rights may be exercised by contacting CROSSCALL's Data Protection Officer
by filling in the form on the following page:
Personal data management
Please note that CROSSCALL also offers you the possibility of modifying
your personal information and withdraw your consent to commercial
and promotional offers directly from your customer account.
account. It is also possible to unsubscribe from any communication
by clicking on the unsubscribe link at the end of any e-mail you
e-mails you receive.
If, after contacting the data controller or the CROSSCALL data protection
CROSSCALL's data protection officer, that your data protection rights have not been
your data protection rights have not been respected, you may
send an online complaint to the Commission nationale de l' informatique et
l'informatique et des libertés (CNIL) or
by post to 3 place de Fontenoy - TSA 80715 - 75334 Paris Cedex 07 - France.
ABOUT COOKIES
This site uses cookies to ensure the smooth operation of the site and to improve
user experience: normal site navigation, video playback, content
videos, sharing content on social networks, measuring the audience
of pages. Strictly necessary cookies are those linked to the
site operation.
This site also uses analysis cookies to improve site functionality.
functionality of the site. All data collected by these cookies is anonymous.
anonymous.
Advertising cookies are used to display advertisements
to users' interests and to measure the effectiveness of advertising
of advertising campaigns.
See cookies policy.
MODIFICATION OF THE PRIVACY POLICY
CROSSCALL may modify this privacy policy from time to time. We therefore invite you to consult it regularly in order to take note of the latest the latest version.