Privacy Policy
www.donjuan2.yachtsdeparis.fr
The Sodexo Group builds strong and durable relationships with its clients, partners, consumers and its employees based on reciprocal trust: ensuring the security and confidentiality of their personal data is an absolute priority for the Sodexo Group.
The Sodexo Group complies with all French and European regulatory and legislative provisions regarding the protection of personal data.
The Sodexo Group applies an extremely strict privacy policy to ensure the protection of the personal data of the users of its websites and other applications:
Each user retains control over their data. The data are processed in a transparent, confidential and secure manner.
The Sodexo Group is committed to a continuous approach to protecting user data, in compliance with the French Data Protection Act of January 6, 1978 as amended (the Loi Informatique et Libertés, hereinafter the “LIL”) and the European General Data Protection Regulation of April 27, 2016 (hereinafter the “GDPR”).
The Sodexo Group has a team dedicated to personal data protection composed of the Group Data Protection Officer declared to the CNIL (French Data Protection Authority) and a network of specific contact points for the protection of personal data.
DEFINITIONS
“Personal Data”
refers to any information regarding an identified or identifiable natural person; an “identifiable natural person” is considered to be a natural person who can be identified directly or indirectly in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or one or more specific pieces of information relating to their physical, physiological, genetic, psychological, economic, cultural or social identity (hereinafter the “Data subject”).
“we”, “us” or “our”
refers to the Sodexo Group entity that conducts the Personal Data Processing activities.
“Data Controller”
refers to the natural or legal person that determines the purposes and means for data processing.
“Services”
refers to the services offered on the Portal and/or within one of our establishments.
“Data Processor”
refers to the natural or legal person that processes personal data on behalf of the Data Controller.
“you”
refers to any user / visitor to the Portal.
“Portal”
refers to this Website and/or, where applicable, the mobile application and any sub-sites, mirror sites, portals or different URLs related thereto.
PURPOSE OF THIS POLICY
We consider the protection of your Personal Data to be of great importance.
We have drafted this policy to inform you of the conditions under which we collect, process, use and protect your Personal Data. Please read it carefully to know which categories of personal data are collected and processed, how we use these data and who we may share them with. This policy also describes your rights and how you can contact us to exercise them or to ask us any questions about your Personal Data.
This Policy may be amended, completed or updated in particular in order to comply with any legal, regulatory, case law or technical developments. However, your Personal Data shall always be processed pursuant to the policy in force at the time that they were collected, unless a mandatory legal instruction provides otherwise and has retroactive effect.
This policy forms part of the General Terms and Conditions of Use of the Portal.
IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER
The Data Controller for Personal Data is the company Yachts de Paris, Société par actions simplifiée [simplified joint stock company under French law], with share capital of €4,246,957.25, the registered office of which is located at Port Henri IV – 75004 Paris entered on the Paris Trade and Companies Register under the number 414.487.892.
THE COLLECTION & ORIGIN OF THE PERSONAL DATA
We may collect your Personal Data directly (in particular by means of forms on our Portal) or indirectly (in particular by means of service providers and/or technologies on our Portal).
We undertake to ask for your consent and/or to allow you to object to the use of your data for certain purposes, whenever necessary. Furthermore, you may opt to receive customized offers and messages from us. In this context, to withdraw your consent, you simply need to click on the unsubscribe link in the most recent customized offer or message that you received from us. In any event, you shall be informed of the purposes for which your data are collected by means of the different data collection forms online and by the Cookie Policy.
THE TYPES OF PERSONAL DATA THAT WE COLLECT AND USE
We may collect and process the following types of Personal Data:
the information that you provide by filling out the forms on the Portal, in particular for the purposes of registration, participation in surveys and events, for marketing purposes (e.g. civil status, surname, first name, etc.);
the information that you provide for the purposes of authentication and browsing on the internet (e.g. IP address, cookies, etc.);
the information that you provide for the purposes of booking and paying for a Service (e.g. telephone number, email and postal address, bank card number, etc.);
the information that you provide for the purpose of managing your job application and, where applicable, your recruitment process (e.g. resume, information about your educational background, your employment history, awards, diplomas, certificates, languages spoken, salary expectations, etc.);
the information that you provide for the purposes or managing a request or a service;
the information that you provide through comments or other content displayed on the Portal.
The Personal Data marked with an asterisk on the data collection forms are mandatory as they are required to take your request into account. If you do not provide the requested information, your requests cannot be taken into account.
PERSONAL DATA THAT WE COLLECT BY AUTOMATED MEANS
We may collect some information by automated means when you visit the Portal in order to facilitate its use and to better customize it and the products and Services according to your interests and your needs. We commit to asking for your consent when this is necessary. For further information please see our Cookie Policy.
After obtaining your consent, we may collect some information by automated means when you visit the Portal in order to customize and improve your experience. We collect this information by various means, such as:
Cookies
A “cookie” is a small data file that is sent through your browser when you are on our Portal and saved on your terminal. This file includes information such as the domain name, the internet service provider, the operating system, and the date and time of access by the user. Cookies do not pose any threat to your terminal.
The cookies are not used to determine the identity of an individual who visits our Website. The cookies enable us in particular to determine your geographical location and the language to display to improve your browsing. They also make it possible for us to process information about your visit on the Website, which pages you consulted and the searches you made in order to improve the content on the Website, keep track of the subjects that interest you and to offer you the most appropriate content.
If you do not wish to receive cookies from our Portal you can configure this choice by using our management tool or by directly configuring your browser.
Finally, by clicking on the appropriate icons for social media such as Twitter, Facebook, LinkedIn, etc. that are included where applicable on our Portal and if you accept that cookies can be saved by continuing to browse on the Portal, the social media in question may also save cookies on your terminal (computer, tablet computer, cell phone, etc.). These types of cookies are only saved on your terminals if you consent to it by continuing to browse on the Website. You may nevertheless withdraw your consent for the social media to save this type of cookies at any time.
Please see our Cookie Policy for more information.
IP Addresses
An IP address is a unique identifier that some electronic devices use to identify themselves and to communicate with each other on the internet. When you browse the Website, we may use the IP address of the device that you use to connect to it. We use this information to determine the general physical location of the device and to understand which geographical area visitors to the Portal come from.
Statistics
The Portal may use Google Analytics to generate statistical reports. These reports indicate to us for example how many users have visited the Portal, which pages were visited, and which geographical area the Website’s users come from. The information collected by using these statistics may include for example your IP address, the website from which you arrived on our Website and the type of device you are using. Your IP address is masked on our systems and will only be used when necessary to solve technical issues, to administer the Portal and to understand the preferences of its visitors. Information about traffic on the Portal is only available to authorized personnel. We do not use any of this information to identify visitors and we do not share it with third parties.
SOCIAL MEDIA
Our Portal can offer you the option of clicking on icons for social media, for example, Twitter, Facebook, LinkedIn, etc.
Social media make it possible to improve the user friendliness of the Portal and help to promote it via sharing. The video sharing services make it possible to enrich our Portal with video content and to make it more visible.
When you click on these buttons, we may have access to personal information that you have indicated as being public and accessible from your profiles on the social media in question. However, we do not create or use any independent database from these social media based on the personal information that you may publish and we shall not process any data regarding your private life in this way.
If you do not want us to have access to the personal information published in the public space of your profiles or your social media accounts, you should use the means made available by the social media in question to limit access to these data.
THE PURPOSES FOR WHICH WE USE PERSONAL DATA
We may use your Personal Data for the following purposes in particular:
No. |
Purpose of the processing |
Legal basis |
Duration of the retention of these data |
1 |
Providing the services ordered on the Portal |
The implementation and management of our contractual relationship with you |
Up to 5 years from the last activity or the end of our contractual relationship |
2 |
Answering your requests, such as for information, a quote, for contact or a search |
The implementation and management of our contractual relationship with you
Our legitimate interest in communicating and answering questions, and to improve the quality and operational excellence of the services that we offer to you |
Up to 12 months after the last contact |
3 |
Processing your requests regarding your food preferences in order to adapt our services, where applicable |
The implementation and management of our contractual relationship with you Your consent for processing your food preferences to be able to adapt our services accordingly, where applicable. |
Throughout the duration of the performance of our services |
4 |
Sending you offers and messages about our products and services and/or those of our partners |
Our legitimate interest in improving the quality and operational excellence of the services that we offer to you
Your consent to receive messages and offers from our partners. |
Up to 3 years from the collection of the data or the last contact from you. |
5 |
Managing application files, recruitment processes and any hiring procedure |
Performing our contractual relationship
Our legitimate interest consisting of managing the applications and recruitment processes for profiles that are appropriate for our needs
Complying with legal obligations, in particular in social terms
Your consent for the retention of your application file |
The duration of the recruitment procedure, where applicable extended by 2 years after obtaining your consent
In the context of a recruitment, for the duration of the employment
|
6 |
Conducting surveys |
Our legitimate interest in improving the quality and operational excellence of the services that we offer to you |
Up to 12 months after the last contact |
7 |
Customizing and improving your experience on our Portal |
Our legitimate interest in improving the quality and operational excellence of the services that we offer to you |
Up to 12 months after the last contact |
DURATION OF THE RETENTION OF YOUR PERSONAL DATA
We retain your Personal Data for a period that shall not exceed the period necessary for the purposes for which they were collected and processed (see the table above).
At the end of this period, strictly relevant data may be retained (i) as proof (in the event of a dispute or in the event of an inspection by authorized bodies), (ii) to comply with the periods stipulated by legal or regulatory requirements and/or (iii) to comply with a contractual obligation with our customers.
COMMUNICATION OF PERSONAL DATA
The security and confidentiality of your Personal Data are of great importance to us. That is why we restrict the access to your Personal Data solely to the members of our personnel who need to know them in order to process your request or to provide the service requested.
We do not reveal your Personal Data to any unauthorized third party. We may however share your data with:
the personnel of entities of the Sodexo Group who are authorized to manage the services;
our clients, including your employer in the context of the performance of a contractual obligation and/or a public service role;
the personnel of the subcontractors on which the Sodexo Group may call to manage services (e.g. technical service providers for hosting and maintenance, consultants, etc.);
the partners and/or entities of the Sodexo Group that are authorized to provide certain services offered by the Portal;
the personnel of bodies authorized by the Sodexo Group or by the law to manage the services.
We ensure that these recipients apply appropriate security and confidentiality measures so that your Personal Data are protected.
We do not authorize the latter to use or divulge your Personal Data, other than where necessary to perform services on our behalf or to comply with legal obligations. Furthermore, we may share your Personal Data (i) if the law or legal proceedings require us to do so, (ii) in response to a request by the public authorities or other administrations, or (iii) if we consider that the communication of these data is necessary or appropriate, to ensure the security of people or to protect the public and to protect our rights and property as well as those of our clients.
SENSITIVE PERSONAL DATA
As a general rule, we do not collect Personal Data of a sensitive nature through our Portal. “Sensitive Personal Data” is considered to include any information regarding racial or ethnic origin, political opinions, religion or philosophical beliefs, the membership of a trade union, health data, or data regarding the sex life or sexual orientation of a natural person. This definition also includes Personal Data regarding convictions and criminal offenses.
In the event that collecting such data were to be strictly necessary to accomplish the purpose of the processing carried out, we shall do so according to the requirements of local legislation regarding the protection of personal data and, in particular, with your explicit, prior consent and under the conditions described in this Privacy Policy.
PERSONAL DATA AND MINORS
The Portal is aimed at adults who are able to contract obligations under the legislation of the country in which you are located.
In France, a user who is a minor under the age of 15 or who is legally incapable must obtain the prior consent of their legal guardian before entering their personal data on the Portal.
TRANSFERS OF PERSONAL DATA
Due to the international nature of the Sodexo Group, your Personal Data may be transferred to recipients, inside or outside the company, that are authorized to perform services on our behalf and that may be located in a country outside the European Union or the European Economic Area that does not offer an adequate level of protection for Personal Data.
To guarantee the security and the confidentiality of the Personal Data transferred in this way, we take all the measures necessary to ensure that such data have adequate protection, such as by signing the European Commission’s Standard Contractual Clauses or any other mechanism ensuring an equivalent level of protection.
YOUR RIGHTS
Sodexo undertakes to facilitate the exercising of your rights pursuant to the applicable regulation. Below you will find a table summarizing the different rights that you are entitled to:
RIGHT OF ACCESS AND CORRECTION |
You can request access to the Personal Data that we have regarding you. You can also request the correction of any Personal Data that may be inaccurate or that any incomplete Personal Data be completed.
You also have the right to know the sources of these Personal Data. |
RIGHT TO DELETION |
Your right to oblivion entitles you to request the deletion of your Personal Data when:
|
RIGHT TO LIMIT PROCESSING |
You can also request a limitation on the processing of your Personal Data if:
|
THE RIGHT TO DATA PORTABILITY |
Where applicable, you may request that we provide your Personal Data in a structured format, which is commonly used and that can be read by a machine, or you may ask for your Personal Data to be sent directly to another data controller on the condition that:
You also have the right to request that your Personal Data be sent directly to a third party of your choice (when this is technically possible). |
RIGHT TO OBJECT |
You have the right to object to the processing of your Personal Data (right of “withdrawal”) particularly with regard to profiling or marketing messages. When we process your Personal Data based on your consent, you can withdraw your consent at any time.
At any time, you can also request that you no longer receive advertisements or marketing messages from us by contacting us directly and free of charge, or using the unsubscribe link in all of the marketing messages we may send to you by email, or by sending an email to the address provided below. This objection is without prejudice to the legality of the messages sent prior to its implementation.
Pursuant to article L.223–2 of the French Consumer Code, the User is informed of their right to register at no charge on the Do Not Call List (www.bloctel.gouv.fr). |
RIGHT NOT TO BE MADE SUBJECT TO AUTOMATED DECISIONS
|
You have the right to not be made subject to any decision based solely on automated processing, including profiling, which may have legal implications for you or that may affect you significantly in a similar manner. |
RIGHT TO ISSUE ADVANCE INSTRUCTIONS REGARDING THE PROCESSING OF YOUR PERSONAL DATA AFTER YOUR DEATH |
Under French law regarding the protection of personal data, you may also define instructions regarding the exercising of your rights provided for by this section after your death, (in particular regarding how long they are kept, their deletion and/or their communication) as well as appointing a person to exercise these rights. |
RIGHT TO FILE A COMPLAINT |
You can file a complaint with the French Data Protection Authority (Commission Nationale de l’Informatique et des Libertés – CNIL) on the following link: www.cnil.fr. You can also take legal action before the courts of the country in which the Sodexo entity has an establishment or in the country in which you are usually resident. |
To exercise these rights, you can contact us by means of this online form. We may ask you for additional information to identify you and to able to process your request.
SECURITY
We take all appropriate technical and organizational measures to ensure the security and confidentiality of the processing of Personal Data.
In this regard, we take all necessary precautions, in view of the nature of the Personal Data and the risks represented by its processing, in order to preserve the security of the data and, in particular, to prevent them from being denatured or damaged and to prevent unauthorized third parties from having access (through the physical protection of premises, authentication procedures with secure and personal access by means of logins and password protection, the logging of connections, encrypting certain data, etc.).
CUSTOMER RELATIONSHIP MANAGEMENT DATABASES (“CRM DATABASES”)
We use a database to manage, monitor and develop our commercial relationships with our existing and/or potential customers. This database includes the Personal Data of our employees and our customers or other partners with whom we have a business relationship or with whom we wish to establish such a relationship. These data, which are used exclusively for these purposes, include in particular: contact details (surname, first name, professional telephone number and email address, etc.), information that is accessible to the public, answers to targeted emails and other information collected and recorded by our employees in the context of interactions with our customers and/or partners. This database may be shared with subsidiaries and/or other commercial partners of the Sodexo Group with whom we already have or with whom we wish to have a business relationship. It shall only be used by the latter to send our existing and/or potential customers messages or to offer them services related to their activity. Any individual whose contact details may be transferred can ask these recipients to withdraw them from their CRM database. If you wish to be removed from our CRM databases, please complete our Request form.
LINKS TO OTHER WEBSITES
We occasionally provide links to other websites for practical and information purposes. Most of these websites are Sodexo websites, and some of them operate independently from our websites and are not under our control. These websites operated by third parties may have their own privacy notice or conditions of use, which we strongly suggest you study. We refuse to accept any responsibility for the content of these websites, with regard to the products and services that may be offered on them or regarding any other use.
UPDATES TO OUR PRIVACY POLICY
We may update or amend this policy from time to time in the event that our Services and our legal obligations change in a substantial manner. In the event that we make any significant changes to this policy, we shall publish an information note on our Portal at the time when the changes in question enter into force. Please consult this page regularly to keep track of any modifications.
If you have any questions or comments regarding this policy, please feel free to contact us at dpo.oss.fr@sodexo.com or contact our Group Data Protection Officer at dpo.group@sodexo.com.
Last update: March 2021