PLG – Privacy notice – Clients and vendors
This privacy policy informs you about the processing activities that take place directly on our website. For information concerning cookies and third party services that are implemented on our website, please visit our Cookie Policy.
The controller as defined within the General Data Protection Regulation (GDPR) and within other national privacy legislation of the member states and other privacy regulations is:
Groupe ProductLife S.A.S.
– Group Head Office –
8-14 avenue de l’Arche – 92400 Courbevoie
France
Tel.: +33 1 41 44 22 11
E-Mail: [email protected]
or any one of its affiliates, whose contact details you can find here https://www.productlifegroup.com/worldwide-presence/ (hereafter « ProductLife Group »).
Contact information for the data protection officer
Please, find below the data protection officer’s contact detail:
E-mail: [email protected]
When visiting our website, we log the following data transmitted by your browser:
This data will be saved to a log file.
Legal basis for the temporary processing of your data and for saving the log files is art. 6 sec. 1 lit. f GDPR.
Saving the IP address for the duration of your session is required for delivering the website to your system. Delivery of the website also constitutes our legitimate interest for the purpose of which your IP address and connected data is processed.
The data we are saving to logs is processed for evaluating our offerings, optimizing our website appearance and to defend us against cyber threats. The logged data will not be combined with other data sources and will not be used for marketing purposes.
The aforementioned purposes constitute our legitimate interests in terms of art. 6 sec. 1 lit. f GDPR.
The data is deleted when it is no longer of use for the purposes it has been collected for. With respect to data collected for delivering the website this is the case when the session expires. Data saved to log files will be deleted within thirty days.
Our website provides contact e-mail addresses that you can use to contact us electronically. Data you provide to us via e-mail will be transmitted to us and saved. There is no transfer of personal data to any third party in this context, except for suppliers of services instrumental to the pursuit of the processing purposes.
Please note that ordinary email communication is not encrypted and provides a lower safety standard than other means of digital communication. Please be aware of this before contacting us via email and refrain from providing us with sensitive data via email whenever possible.
Where processing of the provided data is required for fulfilment of your request for assistance (including any complaints you may have), if necessary by contacting you at the address you have provided, such processing takes place on the basis of art. 6 sec. 1 lit. b GDPR. Otherwise processing is based on art. 6 sec. 1 lit. f GDPR, with our legitimate interests being to enable direct and uncomplicated communication with customers and prospects and to deal with them in a professional and service oriented manner. A transfer of your personal data or processing for other purposes does not take place.
Your data will be deleted once it is no longer required for the purposes they were collected for. This is the case, when the conversation with you is completed, i.e. when the subject matter has been resolved. Further processing may occur for legal purposes concerning tax or trade legislation or other reasons with legal implications, as well as for the purposes of defending against or enforcing legal claims.
Contact via Contact Form
You may also use the contact form provided on our website. In case you choose to do this, we collect the following data from you, apart from the subject and message text of your inquiry:
You may also choose the service that most closely relates to the subject you are contacting us about, and you may upload and add a file to your message. Please refrain from providing us with sensitive data whenever possible.
The data collected through the contact form is added to our customer relationship management tool (“CRM”) to enable us to optimally provide you with our support.
Where processing of the provided data is required for for fulfilment of your request for assistance (including any complaints you may have), if necessary by contacting you at the address you have provided, such processing takes place on the basis of art. 6 sec. 1 lit. b GDPR. In other cases, processing is based on art. 6 sec. 1 lit. f GDPR, with our legitimate interests being to enable direct and uncomplicated communication with customers and prospects and to deal with them in a professional and service oriented manner.
We employ suppliers of services instrumental to the pursuit of the processing purposes to realize our CRM who process your data on our behalf.
The other data that is processed (i.e. IP address, etc.) when sending out the message serves to prevent misuse of the contact form and to ensure the security of our systems. This is within our legitimate interests as defined in art. 6 sec. 1 lit. f GDPR.
The data is no longer processed as soon as it is no longer necessary for fulfilling the purposes of the data collection. Concerning the data that is entered into the contact form, this will be the case as soon as there is no more need to save the data for further communication with you. This occurs when the circumstances suggest that the exchange between the parties is concluded. Further processing of our communication may occur for legal purposes concerning tax or trade legislation or other reasons with legal implications.
The other data that is processed (i.e. IP address, etc.) will be deleted not later than thirty days after its collection.
Newsletter
For our newsletter, we process your e-mail address that we may have obtained from our customers in the context of the sale of a service, in accordance with Directive 95/46/EC, giving them clearly and distinctly the opportunity to object, free of charge and in an easy manner, to such use of electronic contact details. You may also contact us via contact form or email in order to subscribe to our newsletter if you wish. Of course, you may also unsubscribe from the newsletter at any time and very easily: every email you receive will contain an unsubscribe-button that informs us that you no longer wish to receive our newsletter as you click it.
The legal basis for dispatching the newsletter is within the controller’s legitimate interest in promoting services similar to those you have already purchased. In other cases, we get your consent before providing you with our newsletter, art. 6 sec. 1 lit. a GDPR.
The data collected will be held until you object to receiving the newsletter or revoke your consent by unsubscribing.
For dispatching the newsletter, we employ the services of suppliers of services who work with us on the basis of a data processing agreement, art. 28 sec. 3 GDPR. They do not use the data of the newsletter recipients to contact them themselves or to transfer the data to any third party.
The newsletters may contain a so-called „web-beacon“. This is a file the size of a pixel that informs us via our service provider that the newsletter has been opened. These data include information concerning the employed browser and operating system, as well as your IP address and the time of access to the newsletter. This information is used for improving our services either by technical means or by better understanding our target audience and its reading preferences, also in terms of current location (determined via IP address) and/or time of access. As part of these statistical measurements, also the links that are opened are logged. These evaluations are done for the purposes of adapting our content to the preferences and interests of our customers or for sending out tailored content. This purpose includes classifying you into broad consumer groups by partitioning the raw data collected, without performing any other processing operations consisting of profiling activities. Herein lie our legitimate interests in accordance with art. 6 sec. 1 lit. f GDPR.
Webinars
On our website, we provide you with the option to register for webinars organised by us. To participate in our webinars, we collect the following personal data from you:
We will use this data to communicate with you regarding this event. The legal basis for this processing activity is art. 6 sec. 1 lit. b GDPR, the necessity for the performance of a contract at your request. For the purpose of organizing these webinars in a professional manner, we employ the services of suppliers of services who work with us on the basis of a data processing agreement, art. 28 sec. 3 GDPR.
Job Applications
During the application process, we only collect the data that you provide us with. In case you want to apply for a job, we direct you to our contact form (for more information see above). We advise you to send us your application via our contact form. Should you decide to send us your application via email, it will be unencrypted. We inform you that the transfer of unencrypted information is not considered safe in terms of data privacy.
After receiving your application, we use the data provided by you to determine if you are suitable for the job opening and to carry out the application process. Suitable applications will be forwarded internally to the person responsible for the department at stake. Then, the further procedure for the application is determined. Access to your data is granted solely to the persons within the company that need it in order to properly carry out the recruitment process. For further information concerning our hiring process and our company identity, please go to
Careers
The data you provide us with through the application process is processed on the legal basis of: art. 6 sec. 1 lit. b GDPR to take steps at your request prior to entering into a contract. This involves processing activities that are necessary for the purposes of making a decision about entering an employment relationship; art. 6(1)(c) GDPR – compliance with laws, for example in cases where labour law or other laws require us to process your personal data, or in cases where we must respond to requests from authorities in the context of investigative procedures.
Should your data be needed for the purposes of defending our legal interests after the completion of the application process, your data will be processed under the conditions of excercising our legitimate interests under art. 6 sec. 1 lit. f GDPR. Those interests then consist of excercising or defending against legal claims. The data usually is deleted 6 months after the opening has been filled. In other cases, your data is deleted immediately after a rejection.
In case we have an ongoing interest in your profile despite not choosing you for the current opening, we will ask for your permission for further saving and processing your data to check for compliance with other job offers within our company. This processing will only take place with your consent. Should you not give your consent within the time frame we save your data anyway due to our legitimate interests as described above, your data is deleted.
In case you consent to further processing as described above, we will transfer your data into our applicants pool on the legal basis of art. 6 sec. 1 lit. a GDPR and will be considered for future openings. Your data is deleted from our data base after 2 years. You may withdraw your consent for further processing without affecting the lawfulness of processing before the withdrawal. Please send us an e-mail to if you wish to withdraw your consent.
Should your application result in an employment relationship, your data will be transferred to our human resources department for further processing.
Mandatory or optional nature of data provision
You are not obliged to provide the personal data, but failure to do so may result in preventing us to achieve the above mentioned purposes.
Categories of recipients of the personal data
We make every effort to share your personal data with as few people as possible, on a need-to-know basis.
Your data may be shared with various stakeholders, both internal to ProductLife Group and external. These recipients are
Internal to ProductLife Group:
External to ProductLife Group:
Cross-border transfer
ProductLife Group is a multinational organization with subsidiaries, partners and processors located in many countries around the world. For this reason, we may transfer your personal data (including by providing access to it, allowing it to be viewed, or by storing it) to other jurisdictions, including outside the European Economic Area, to countries that may not be considered to offer a level of protection equivalent to that of the country in which you reside.
If we need to transfer your personal data outside the European Union, or outside the country in which you reside, we will ensure that adequate safeguards such as those prescribed by applicable data protection legislation are implemented (such as the European Commission’s Standard Contractual Clauses, where applicable).
Concerning data security
For our website we make use of ssl encryption (secure socket layer) with the highest encryption level supported by your browser. Usually this will be 256-bit encryption. If your browser doesn’t support this, our website falls back to 128-bit technology. Most browsers show encryption status by displaying a closed lock icon next to the URL or in the status bar.
We have implemented appropriate technical and organisational measures to protect the integrity, confidentiality and availability of your personal data. The measures we have implemented are being continuously improved and updated according to the progress of technological development.
No automated Decision-Making
While using our services, you are not subject to any exclusively automatic decision-making process – including profiling – that takes legal effect or affects you significantly in any similar manner.
Your Rights
Right of Access
You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed. Upon request we gladly inform you in writing about which personal data are being processed by us, including their origin, any recipients of your personal data as well as the purpose of processing.
Right to rectification
You have the right to obtain from us rectification of personal data concerning you to the extent we save such data and provided it is inaccurate.
Right to restriction of processing
You have the right, under the preconditions of art. 18 sec. 1 GDPR (for example if the accuracy of the data is disputed or the processing is unlawful), to obtain from us restriction of processing, which means that we may only process your personal data subject to such restriction under the preconditions of art. 18 sec. 2 GDPR (for example with your consent or for the exercise or defence of legal claims).
Right to erasure
You have the right to obtain from us the erasure of your personal data under the preconditions of art. 17 sec. 1 lit. a-f GDPR (for example if the personal data is no longer needed or processing is unlawful) unless exceptions following art. 17 sec. 3 lit. a-e GDPR apply (for example if there are legal obligations to process the personal data).
Right to data portability
You have the right to receive from us your personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us.
Right to object
You can, at any time, object to processing of personal data concerning him or her which is based on point (f) of Article 6. In this case, we shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority, if you feel our processing of your personal data is unlawful, and seeking a judicial remedy.