Privacy policy
Privacy Policy
INTRODUCTION
Société Bretonne de Volaille attaches the utmost importance to the protection of your personal data. With regard to the personal data that you entrust to us, we provide you with transparent information on our personal data protection policy
Société Bretonne de Volaille undertakes to process your personal data in compliance with the provisions of the General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and Act No. 78-17 of 6 January 1978, as amended, on Data Processing, Data Files and Individual Liberties (French Data Protection Act), which define the conditions under which personal data processing may be implemented.
Any information collected through the website and enabling you to be identified, either directly or indirectly, is considered to constitute persona data and will be processed in compliance with this policy.
We invite you to regularly refer to this section, as Société Bretonne de Volaille may amend this policy at any time.
This Privacy Policy was updated on 30 November 2023.
DATA CONTROLLER AND DATA PROTECTION OFFICER
Société Bretonne de Volaille, with head offices registered to ZI du Lay 56660, Saint-Jean-Brévelay, France is the data controller for data collected and processed on our website (hereinafter referred to as the "Data Controller”).
The Data Controller has appointed a Data Protection Officer, also referred to as the “DPO”, who you may contact at the following address:
PERSONAL DATA
Under the terms of the GDPR, personal data refers to any information relating to an identified or identifiable physical person.
The personal data collected varies according to the purpose of the data collection and the service that you wish to use.
You undertake to provide personal data that is up-to-date and valid, and guarantee that you will not submit any false or incorrect information.
PURPOSES OF PROCESSING, LEGAL BASES AND STORAGE PERIODS
Purpose of the processing: Managing requests submitted to us through the contact form
Legal basis: Legitimate interest (Responding to contact requests)
Storage period: For customers: 3 years from the end of the commercial relationship / For prospective customers: 3 years from the collection of the personal data or from the last contact made by the prospective customer
Purpose of processing: Cookie management
Legal basis: Consent
Storage period: 13 months
YOUR RIGHTS
In compliance with the provisions of the GDPR, you are entitled to exercise the following rights:
- Right of access: the right to obtain confirmation that your personal data is or is not subject to processing, and to be informed of this.
- Right to rectification: the right to have any inaccurate personal data rectified or any incomplete data completed.
- Right to erasure: the right to have your personal data erased, insofar as this is possible.
- Right to object: the right to object to the processing of your personal data, at any time, when this objection is based on our legitimate interest
- Right to withdraw consent: when your data is processed on the basis of your consent. You may exercise this right at any time without having to provide justification for it.
- Right to restriction of processing: the right to request the suspension of the processing of your data for a given period.
- Right to data portability: the right to receive the data that you have provided in a structured format, in a commonly used and machine-readable format, and to send this data to a third party.
- Right of lodge a complaint: the right to lodge a complaint with the CNIL [French Data Protection Agency] if you believe that your rights are being infringed.
You can exercise these rights at any time by contacting us via the following form:
https://www.ldc.fr/rgpd/professionnels/
https://www.ldc.fr/rgpd/consommateurs/
https://www.ldc.fr/rgpd/salaries/
Right to lodge a complaint with the CNIL
If, after having contacted us, you believe that your Personal Data Protection rights are being infringed, you can lodge a complaint with the CNIL: https://www.cnil.fr/fr/plaintes
PROTECTING YOUR PERSONAL DATA
In order to ensure the security of your personal data, we have set up security measures, an in particular access controls, firewalls, and secured servers.
These measures aim to protect your personal data against any loss, theft, misuse, disclosure, modification, interference, damage, or unauthorised access.
ACCESSING YOUR PERSONAL DATA
Your personal data is intended to be solely accessed and used by the Data Controller’s staff, authorised to process such data, and in particular the marketing, sustainable development, IT, sales, quality, and administration departments.
SHARING YOUR PERSONAL DATA
In compliance with the regulations, when we are required to share your personal data with subcontractors for certain purposes described in this Policy, we ensure that their data security and storage systems meet a standard which is, at the very least, equivalent to that of our organisation. We also ensure that our subcontractors comply with the applicable laws on personal data protection, under conditions which are at least equivalent to those with which we comply.
Furthermore, as subcontractors may be required to process your personal data on our behalf and under our instructions, we undertake to ensure that your personal data is not shared or disclosed for purposes other than those described in this Policy. However, we may be required to communicate your data for purposes other than those stipulated in this Policy in cases whereby such communication is required by law or by government authorities.
TRANSFERS OF YOUR DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA
In principle, we ensure that your personal data is stored within the European Union. However, it is possible that your data may occasionally be transferred to subcontractors or business partners based in other countries, provided they offer an appropriate level of protection, recognised by the European Commission. In the event of your data being transferred to a country with a level of protection that has not been recognised as appropriate, we establish standard contractual clauses which have been approved by the European Commission. These clauses allow for guaranteeing a sufficient level of protection for an individual's privacy and fundamental rights.
THIRD-PARTY WEBSITES
The Data Controller’s website may be associated with third-party websites. Websites hosted by third parties are beyond our control. When you submit personal data on a third-party website, the processing of this data is not carried out on our website, but rather on the third-party website concerned. Any personal data that you provide will be collected and processed in compliance with the privacy policy of the third-party concerned.
Therefore, we cannot accept any liability concerning the practices implemented by such third parties in regard to data protection.
APPLICABLE LAW
This Privacy Policy is governed by and shall be interpreted in compliance with French law.