The protection of your privacy and Personal Data is an important concern to which each Gravotech entity (also known as, “Gravotech”, or “we” or “us”) pays special attention. Gravotech is committed to protecting the rights of individuals in compliance with the General Data Protection Regulation (reference EU2016/679) (the “GDPR”).
- the Personal Data we may collect during our relationship, how we collect, use, protect and transfer your Personal Data
- how you can control the processing and disclosure of your Personal Data
What is Personal Data?
Personal Data means any information relating to an identified or identifiable data subject (you).
What Personal Data do we use?
During our business relationship or while visiting our website, Gravotech may collect and process:
- some Personal Data (e.g. your name, email address, phone number, etc.) you provide us with, for example by filling out one of our contact form or when subscribing to our newsletter
What can be the purpose(s) of your Personal Data processing?
Each time Gravotech collects your Personal Data you will be informed about the purpose(s) of such processing. Your Personal Data may be used for purposes such as communication, marketing and promotional purposes, legal compliance, business relationship management or accounting.
What is the basis for processing of your Personal Data?
The legal basis for the processing of your Personal Data are:
- your consent (e.g. while subscribing to our newsletter)
- legitimate interest (e.g for invoicing purpose)
- contract obligations or legal obligations (e.g. for training purpose)
Who will receive your Personal Data?
We and eventually Gravotech’s data processor(s), on a need-to-know basis, will receive your Personal Data for the purpose(s) you have been informed of.
Will your Personal Data be transferred to a third country/region outside the European Union?
We may transfer, on a need-to know basis, your Personal Data within Gravotech Group and to related third parties (including data processor). These companies may be located outside the European Union. This transfer is subject to appropriate safeguards, notably the respect of the Gravotech code of conduct and the enforcement of standard data protection clauses.
For how long will your Personal Data be stored?
We process and store your Personal Data as long as it is required to meet our business relationship’s or statutory’s obligations. If your Personal Data is no longer required for the performance of our obligations, this will be erased on a regular basis unless further processing is necessary, for instance, for preserving particular evidence under the GDPR, or in the context of legal statutes of limitation.
We use technical and organisational security measures in order to protect the Personal Data we have under our control against accidental or intentional manipulation, loss, destruction and against access by unauthorised persons.
What are your rights and how to exercise them?
You may at any time exercise your rights:
- to access: you have the right to know what the Personal Data are concerning you and as to whether or not your Personal Data is being processed by us (Article 15 of the GDPR)
- to rectification: you have the right to change any inaccurate Personal Data concerning you (Article 16 of the GDPR)
- to erasure: you have the right for your Personal Data to be erased (Article 17 of the GDPR)
- to restriction of the processing when applicable (Article 18 of the GDPR)
- to data portability (Article 20 of the GDPR)
- to object when applicable (Article 21 of the GDPR)
- to withdraw consent (Article 7 of the GDPR)
- To this effect, please contact Gravotech either by email at the following address: firstname.lastname@example.org or by writing to the address below, enclosing a copy of an appropriate document evidencing your identity.
466 rue des Mercières
Can I ask for assistance to the competent authorities?
In case of dispute or for any question, you have the possibility to lodge a claim with the CNIL or your local national Data Protection Authority.