We specialize in data hosting, so we know our customers, prospects, employees, suppliers, collaborators and various partners are concerned about the security and confidentiality of their personal data. We therefore wish to build a relationship of trust with them, in particular by being perfectly transparent regarding their personal data.
This is why, with the entry into law on 25 May 2018 of European Regulation no. 2016/679 of 27 April 2016 on the protection of personal data (hereinafter the “GDPR”), we have redefined and formalised our personal data protection policy in the present document called “Data Protection Policy”.
The purpose of this Data Protection Policy is therefore to inform you of the commitments and technical and organisational measures we have put in place to ensure the protection of your personal data.
It complements ALWAYSDATA’s General Terms and Conditions of Service (hereafter the “GTCS”), which include its contractual clauses regarding subcontracting.
This Data Protection Policy is not fixed; it may evolve according to national and European regulations and will undergo the adaptations that the doctrine of the CNIL (Commission Nationale de l’Informatique et des Libertés) and the guidelines of the G29 (Working Group bringing together the representatives of the independent supervisory authority of each member country of the European Union) will require.
Within the framework of its activity, ALWAYSDATA is led to collect and process personal data necessary for the management of the relationship with its employees and collaborators, its customers and prospects, its suppliers and various partners.
To this end, ALWAYSDATA ensures that it collects and processes only data that is adequate, relevant and limited to what is necessary for the purposes for which it is processed. It is in this way that we respect the principle of data minimisation laid down by the GDPR.
The data we collect is for a specific purpose, and is not used for any other purpose. Our purposes are determined, legitimate, explicit and compatible with our missions, in this case the management of activities relating to data hosting as well as ancillary services and ancillary activities.
The defined purpose makes it possible to determine the relevance of the data to be collected: only adequate data that is strictly necessary to achieve the defined purpose is collected and processed by ALWAYSDATA.
In accordance with the GDPR, ALWAYSDATA informs and encourages its employees and collaborators, customers and prospects, suppliers and various partners to inform the person from whom personal data is collected:
In the absence of individualised contact with the person concerned by the collection and processing, ALWAYSDATA encourages its employees and collaborators, customers and prospects, suppliers and various partners, to inform said person by all appropriate means according to the modalities of the collection (posting at the place of collection; information a posteriori, for example at the time of the first individualised contact with the person concerned; etc.).
ALWAYSDATA does not communicate the data of its employees and collaborators, customers and prospective suppliers and various partners to third parties; ALWAYSDATA does not trade in them.
Your personal data is therefore only intended for specific recipients who are authorised to receive them, in this case and as the case may be, ALWAYSDATA and its subcontractors, ALWAYSDATA’s customers and their subcontractors as well as any other persons, organisations or entities to whom these customers may wish to communicate or show this data (in particular in the context of demos and presentations of our products and services), and this only for the purposes relating to the hosting of the data as well as ancillary services and activities.
ALWAYSDATA keeps the personal data of its employees and collaborators, customers and prospects, suppliers and various partners only for the time necessary for the operations for which they were collected and in compliance with the regulations in force.
This data is deleted after a maximum of 5 years after the end of the contractual relationship.
Data relating to prospects are kept for a maximum period of 3 years from the last contact between ALWAYSDATA and the prospect.
ALWAYSDATA determines and implements the means necessary for the protection of personal data in order to avoid risks resulting in particular from the destruction, loss, alteration, unauthorised disclosure of personal data transmitted, stored or otherwise processed, or unauthorised access to such data, whether accidental or unlawful.
These means shall consist of appropriate technical and organisational measures to ensure a level of security appropriate to the risk, and shall include, inter alia, as appropriate :
In particular, access to data is secured by strong security systems: identification by certificate, double authentication and other processes implemented by ALWAYSDATA.
Thus, the protection policy for personal data processed by ALWAYSDATA is organized around logical, physical or organizational measures.
ALWAYSDATA defines and implements the access and confidentiality rules applicable to the personal data processed.
The access rights are updated in case of evolution or change of its beneficiary.
In principle, ALWAYSDATA does not transfer personal data outside the European Union.
Should such a transfer prove necessary, it would be within the scope of the purpose of the processing operation for which the data is intended.
In that case, the data recipients would only be given the categories of data necessary for the fulfilment of that purpose.
More generally, ALWAYSDATA would transfer data only in accordance with the provisions of Articles 44 to 50 of the GDPR.
In application of the GDPR and the provisions of Law No. 78-17 of 6 January 1978 relating to data processing, files and freedoms (known as the “Data Protection Act”), any natural person whose personal data is processed has the right to oppose the collection and processing of personal data concerning him or her, the right to access, rectify or delete such data (right to oblivion), the right not to be subject to a decision based solely on automatic processing, including profiling, the right to have the processing concerning her/himself restricted, the right to have information about the persons to whom the controller has transmitted personal data concerning her/him, and the right to the portability of such data as described in Articles 15 to 22 of the GDPR. It may exercise these rights by sending its request to moc.atadsyawla@opd accompanied by documents proving in particular its identity and signature.
Within the framework of the entry into force of the GDPR on 25 May 2018, ALWAYSDATA has appointed a Data Protection Officer (DPD or DPO) directly attached to the ALWAYSDATA Management.
In coordination with ALWAYSDATA’s Management, the DPO permanently ensures the conformity of all personal data processing within ALWAYSDATA.
This Data Protection Policy supplements ALWAYSDATA’s Terms and Conditions, whose provisions not to the contrary remain applicable.
Therefore, any service provided by ALWAYSDATA for the benefit of the customer implies the customer’s unreserved adherence to this Personal Data Protection Policy.