GDPR

CONEX PRIVACY POLICY

Introduction

CONEX SAS is committed to protecting your privacy and respecting its obligations with regards to the security of its customers’ data.

This privacy policy contains the following elements regarding data collected:

  • Where does the data come from?
  • What do we do with it?
  • How do we store it?
  • To whom is it transferred?
  • How do we address your data protection rights?
  • How do we comply with data protection regulations?

All personal data is collected and processed in accordance with French and European data protection laws.

Data controller

In this privacy policy, “CONEX” (hereinafter “we”, “our”, “us” or “CONEX”) refers primarily to CONEX SAS. Your personal data may be shared by CONEX SAS with its parent company, its subsidiaries and / or any other sister company.

CONEX is the « controller » of all personal data collected from its customers in the context of GDPR, the General Data Protection Regulations.

CONEX, whose head office is situated at ZA de l’Europe BP 40019, 59358 ORCHIES CEDEX in France, is registered in the DOUAI RCS Trade Register under number 331 998 401 .

Personal data that we collect

By “personal data” we mean all information concerning you which allows us to identify you, such as your family name, first name, professional contact details (postal address, email address, IP address, telephone number, information relating to your access to the various services we offer: Internet sites, Helpdesk via conex interface, via conex-hosted applications*), data collected in the communications exchanged with you or that you provide us with via postal mail, electronic mail, telephone calls or on social networks; *Non-exhaustive list.

We may collect your personal data when you complete an information form via internet, when you fill in you CUSTOMER PROFILE record, when you participate in one of our conferences, training sessions, trade fairs or other events, when you take part in a survey, or when you contact us.

For what purposes do we use your personal data, why and for how long?

Your data may be used for the following purposes:

– To provide the information, products and services that you request: we use the information that you provide us to respond to a request from you;

– To contact you in the event of an important regulatory change or an update to our solutions. These communications are not made for commercial purposes and cannot be deactivated;

– For administrative and legal purposes: we use your data to perform statistical and commercial analyses, system tests, customer surveys, maintenance and development activities, or to settle a dispute or complaint;

– For communications with the sales department: we use your data to manage our relationship with you as a customer and to improve your experience with us;

– For business communication: we use your data to communicate relevant information to you such as customs alerts, information related to the use of our products and services (software updates, servers, helpdesk, etc.);

– For marketing: we will contact you by email with information about related products and services. You can choose whether or not to receive these communications by simply indicating your choice on the appropriate form. In addition, upon receiving each such electronic message, you will have the option of indicating that you no longer wish to receive marketing communications.

– We will only process your personal data within the framework provided by law. The legal basis will vary depending on the reasons for which we have collected and need to use your personal data.

– In most cases, we need your personal data to manage and monitor your commercial account with us and only in the professional context of our customer – supplier relationship.

– We will not retain your data elements any longer than is necessary to achieve the purposes for which they are processed. In order to determine the appropriate retention period, the duration of our contractual relationship and your preferences are taken into account.

–  We must also take into account the periods during which we my need to keep your personal data in order to comply with our legal obligations or to process complaints, questions and defend our interests in the event of a dispute.

– As soon as we no longer need your personal data, we delete or destroy it securely.

Administrative injunctions

CONEX SAS will be exempted from its confidentiality obligation following the injunction of an administrative or legal authority to communicate the data in our possession.

Security of your personal data

– To ensure the security and confidentiality of your personal data, CONEX SAS uses networks protected by standard devices such as firewalls, encryption and passwords. When processing personal data, CONEX SAS takes all reasonable measures to protect them from loss, misuse, unauthorised access, disclosure, alteration or destruction.

– It should also be noted that each user contributes to the protection of his/her personal data by complying with good practices in the use of IT tools (for example, not sharing one’s own password).

– The user account includes, notably, the user identifiers which, once made available, become the exclusive responsibility of that user. The user undertakes to keep them secret and not to disclose them in any form whatsoever. If any of the user identification elements are lost or stolen, the user must immediately inform CONEX SAS, who will then cancel and / or update the element concerned.

– The user is solely responsible for the use made of his/her Identifiers, even if the user pre-registers his/her username and password on his/her computer, mobile phone or any other type of equipment, thus allowing automatic connection to the Services.

– Any access, use of the services and transmission of data made from a user’s user account will be deemed to have been performed by the said user. Safeguarding the confidentiality of the user’s identifiers is the user’s sole responsibility. In this regard, the user is required to ensure that at the end of each session, he/she properly disconnects from the services, particularly when accessing the services from a public computer.

– Any loss, misappropriation or unauthorised use of a user’s identifiers and their consequences are the sole responsibility of this user. In all the situations mentioned above, the user must inform CONEX forthwith, by email, indicating the identifiers in question, family name and first name, to the following address: data-privacy@conex.net, so that CONEX SAS is able to proceed with the resetting of the user account.

Sharing your personal data

Your personal data may be shared by CONEX SAS with its parent company, its subsidiaries and/or any other sister company.

For the purposes of this privacy policy, we may also share your personal data with the following third parties:

–      Trusted service providers we may call on for certain activities such as the services of marketing service providers who assist our marketing teams to conduct customer surveys and targeted marketing campaigns.

–       In the event of a dispute: legal advisors or other professional advisors, courts and bodies responsible for enforcing the law in order to ensure that rights related to our contract with you are respected.

All data collected will be processed in accordance with this privacy policy.

When our use of your data depends on your consent, you have the option to withdraw your consent to the processing of your personal data and to delete these data elements at any time simply by clicking on the unsubscribe links provided.

Data protection officer

We have named a Data Protection Officer (“DPO”) to ensure compliance with this privacy policy. For any questions regarding this privacy policy or how we manage your personal data, please contact the DPO at the following address: data-privacy@conex.net.

Your data protection rights

In accordance with the law, in certain circumstances you have the right to:

  • Request information to find out whether we possess personal data that concerns you and, if so, what this information is and why we keep / use it.
  • Request access to your personal data. This request allows you to receive a copy of the personal data that we have about you and to verify that we process this data legally. 
  • Request the correction of the personal data that we have about you. This allows you to rectify any information that is incomplete or inaccurate.
  • Request the deletion of your personal data. This allows you to ask us to delete or remove any personal information that we no longer have any reason to process. You also have the right to request that your personal data be deleted or removed when you have exercised your right to object to the processing of your data.

Changes to the Privacy Policy

Our privacy policy may change from time to time and you will be notified by email or via our website of the modifications made to it.

CONEX PRIVACY POLICY