1. Object
The privacy policy explains how Institut de la Corrosion subsidiary of Swerea Group handles personal data. All personal data processing is carried out pursuant to the EU’s General Data Protection Regulation (GDPR) on:
2. Application
1.
This document is intended to any person kinked to Institut de la Corrosion where personal data are concerned (employees, customers, suppliers..)
3. Définition(s)
GDPR : General Data Protection Regulation (RGPD: règlement general de protection des données)
2.
4. Description
4.1 What is personal data?
Personal data is any information that can be linked to a person as an individual. For example, the name, private email address, private telephone number, etc.
Information linked to companies, such as company identification numbers, company telephone number, e-mail linked to company or position etc. are not considered personal data.
4.2 How does Institut de la corrosion process personal data?
Collection and consent
Institut de la Corrosion collects personal data through both digital and analogue channels (e.g. websites, seminars, customer meetings, by telephone, etc.). The data is stored in the company’s internal customer databases.
We always request your consent if we need to save your personal data for a specific purpose. Exceptions may take place:
-When we are obligated to store your data owing to legal requirements.
-When you or your company enters into a business relationship with us (legitimate interest).
Use and purpose
We never collect more information than the situation requires and only for specific purposes. Such purposes include:
-providing a product or service
-marketing activities
-legal requirements
-recruitment
We seldom process sensitive data, but this may occur. If you personally choose to provide us with that type of information, Institut de la Corrosion considers that you have given your consent to the registration of the data in accordance with the purpose explicitly stated in conjunction with the submission of the data. For example, when you personally provide information about cost preferences prior to a seminar, without Institut de la Corrosion requiring it.
Institut de la Corrosion’s website
The website uses cookies through “Google Analytics” for collecting statistics of how the website is used. The statistics provide information used to develop and improve the website. For more detailed information, go to Google’s website specifying the use of cookies through Google Analytics on websites (https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage)
External Systems/Suppliers
In cases where external suppliers or partners have access to systems in which personal data is available, we have set up so-called ‘associate agreements’ to ensure that the data is processed and protected in a secure manner.
4.3 How long is personal data stored?
We store your personal data for as long as it is necessary to perform the task for which the personal data has been collected and saved.
Right of access
You have the right to request information, once a year, regarding what personal data we process about you or your company. The request for information must be submitted in writing to the personal data controller (DPO).
Right to rectification and right of erasure
You may request, at any time, that rectifications be made to your personal data or request to be erased from our registry if you are unable to do so yourself. We will rectify or erase your data without undue delay.
To request rectification or erasure, see contact details below. Please note that legal limitations and other regulations may exist which restrict your above-mentioned rights.
4.4 Who should I contact regarding questions on personal data processing?
If you have any questions about Institut de la Corrosion processing of personal data, please contact brest@institut-corrosion.fr.
4.5 Changes to personal data provisions
Changes concerning personal data processing at Institut de la Corrosion will be communicated on this website. Provisions may change owing to, for example, legislative amendments. However, if the processing of personal data is governed by a customer agreement, the contractual provisions apply until amended, unless these are irreconcilable with law or other legally binding provisions.