PRIVACY POLICY​

Date of last update:16.07.21

​

WHAT IS OUR PRIVACY POLICY?

We take your privacy very seriously and are committed to protecting it. We consider that you should be able to easily know what personal data we collect and use, and understand your rights in relation to it.

This Privacy Policy explains our policies and practices regarding how we collect, use and disclose the personal data we collect.

When you use our digital platforms or provide us with your personal data, you agree to this policy.

We recommend that you read our privacy policy carefully as it contains important information about your personal data. It has been designed so that you can easily access the section that interests you.

Do not hesitate to contact us if you have any questions or comments about this Privacy Policy by writing to dpo@mcgp-sas.com.

​

WHO ARE WE ?

The company responsible for your information under this Privacy Policy (the "data controller") is: MCGP, Société par actions simplifiee au capital de 163 000€ sise 4 rue de la Paix 75002 Paris, France, RCS Paris B 479 808 503.

​

WHAT PERSONAL DATA DO WE COLLECT AND HOW IS IT COLLECTED?

Personal data is information relating to an identified or identifiable natural person. They include, for example, a person's name, address and gender.

We may collect personal data directly from you (for example through an electronic message) or indirectly (for example from your electronic devices that interact with our digital platforms).

What are the data types of personal data?

We distinguish :

The data that you communicate to us

Data we collect in connection with the use of our digital platforms or through electronic messages such as your digital address (IP address)

Publicly accessible data, for example on social networks

Examples of personal data that you can communicate to us

Your name,

Your mailing address,

Your email address,

Your identifiers on social networks,

Information you provide to us in free text.

Where does this data come from?

From our digital platforms. Digital platforms intended for customers or other contacts (such as candidates, and anyone interested in MCGP SAS) and operated by or for MCGP SAS.

Electronic communications between you and MCGP SAS.

From public sources, for example via social networks.

minimum age

We remind you that we do not collect, directly or indirectly, personal data from persons under the age of 16, without prejudice to any local law setting a different minimum age. We therefore ask you not to provide us with personal data of persons who do not meet this criterion.

​

WHY DO WE COLLECT YOUR PERSONAL DATA AND HOW DO WE USE IT?

We collect and use your personal data in reliance on one or more of the following legal bases:

We have obtained your prior consent (for example when you complete the contact form). Please note that with this particular legal basis you have the right to revoke your consent at any time (see below “What are your rights over your personal data and how to contact us?");
We have a legitimate interest in carrying out the processing and that legitimate interest is not overridden by your interests, fundamental rights or freedoms;
We must process your personal data in order to comply with applicable laws and regulations.

We use the data and information we collect about you to:

Offer you all the features of our digital platforms;
Enable the proper functioning of all our digital platforms;
Personalize your use of our digital platforms and improve them;
Communicate with you and respond to all your questions or comments;
Proceed with the management of fraud and blacklists in the event that a person has been involved in fraud with regard to our products, services or brands, in particular in order to allow, modify or refuse access to a person to our services or products, or any contact with MCGP SAS, and to communicate with state authorities and defend the rights of MCGP SAS with these authorities.
 

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We do not keep your personal data longer than necessary for the purposes for which they were collected, to comply with legal and regulatory obligations and for the duration of any period necessary for the establishment, exercise or defense of legal claims. legal.

Regarding cookies and other digital markers, see below “Cookies Policy and Digital Markers".

Certain technical data (IP addresses for example) are kept for the time necessary to manage the security of our digital platforms.

Prior to any data deletion operation (other than for legal reasons), we may ask you if you want them to be kept. Without response or with a negative response, we will indeed delete them.

 

HOW DO WE DISCLOSE AND TRANSFER YOUR PERSONAL DATA?

Your personal data is processed by MCGP SAS.

They may also be transferred in the event of reorganization of MCGP SAS, in particular in the event of merger, absorption, demerger, and any other reorganization operation. They may also be shared in certain cases within the MCGP Group.

Your personal data may also be transferred to the third parties indicated below:

Any person or entity on the basis of applicable law or a judicial decision: we may communicate your data to third parties if we consider that this communication is necessary to comply with applicable law, protect our rights or prevent fraud or abuse. When we receive requests for information for law enforcement or national security purposes, we review such requests carefully, including whether they appear vague, excessive or unlawful. Where permitted by law and reasonably within our control, we may notify you that such information has been requested from us. In any event, both the analysis of the request and the possibility of informing you are at our sole discretion and cannot engage our liability in civil, criminal or administrative matters.

 

In the event of a cross-border transfer, we ensure that adequate protection is guaranteed when personal data is transferred outside the EEA. In certain specific cases, if this level of protection is not guaranteed, we will obtain your prior consent or establish with the recipient of the personal data a contractual framework or sufficient measures to ensure an adequate level of protection abroad.

We inform you that some partners who receive your personal data may be data controllers, which means that they are responsible for this data, and that the processing of your data is subject to their Privacy Policy which you can access by contacting them. In addition, the rights in connection with this data that you wish to exercise must be requested directly from these data controllers. This may be the case, for example, with regard to financial management, payments, fraud and tax refunds and for logistics partners.

A list of these main partners appears in the appendix in the section “Main third parties".

 

HOW DO WE PROTECT YOUR PERSONAL DATA?

All your personal data is strictly confidential and will only be accessible if necessary, only by MCGP SAS staff and other duly authorized entities of the MCGP group as well as independent service providers acting on our behalf in the context of security measures. appropriate technical and organizational security.
MCGP SAS has implemented security measures to protect your personal data against unauthorized access and use. We follow appropriate security procedures in the retention and disclosure of your personal data to prevent unauthorized access by third parties and to avoid accidental loss of your data. We limit access to your personal data to people who really need to access it for professional reasons. The people who access your data will be subject to a duty of confidentiality with regard to MCGP SAS.
We also have procedures in place to deal with any suspected data security breaches. We will notify you and any relevant supervisory authority of a suspected data security breach where we are required by law to do so or where we believe the impact is significant enough.
We also require those to whom we provide your personal data to comply with the above.

 

WHAT ARE YOUR RIGHTS OVER YOUR PERSONAL DATA AND HOW TO CONTACT US?

You have the right to request access to information about the personal data concerning you that we process.
You also have the right to ask us:

To correct or erase your personal data, or to limit the processing of your data;
To transfer your data to a third party;
To stop processing your personal data where such processing is based on your consent and there is no other legal basis for us to continue processing your data;

For these different requests, we may ask you for proof of your identity (copy of an official photo ID showing your date and place of birth).
The processing of your requests is free of charge, unless your requests are unfounded or excessive (for example: if you have already requested this personal data on multiple occasions in recent months or if the request involves a disproportionate workload). In this case, we may charge you a reasonable fee in accordance with applicable data protection law.
We invite you to contact us if you believe that your personal data has not been processed correctly or if we have not met your requirements.

Contact :
Do not hesitate to contact us if you have any questions or comments about this Privacy Policy by writing to dpo@mcgp-sas.com. 
 

UPDATE TO THIS POLICY

This Privacy Policy reflects our current practices and may be amended to reflect changes in privacy legislation and/or practices.
When we post changes to this Privacy Policy, we will change the "effective date

force” at the top of this Privacy Policy.
If we change this Privacy Policy in a material way, we will notify you by means of a change notice at the beginning of this Privacy Policy and/or on the home page of our digital platforms. .