POLICY ON THE PROTECTION OF PERSONAL DATA

 

Introduction

NG Concept knows that you value how your personal data is processed and recognizes the importance of protecting your privacy.

This Privacy Policy explains how NG Concept collects and processes your personal data. It contains information about the type of data we collect, how we process it, and for what purposes.

This Policy was last updated on March 26, 2020.

 

Basic Principles – Our Privacy Commitment

NG Concept undertakes to treat personal data in accordance with the regulations applicable to the protection of personal data and privacy, in particular in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) – (hereinafter ‘the Regulation’).

 

We are committed to respecting the following principles:

  • we collect and process your data only for the purposes described in this Policy or for specific purposes that we have informed you and / or for which you have consented;
  • we adopt the principle of minimising the collection of personal data: i.e. we collect only the personal data necessary for the processing and uses envisaged, without collecting data in an unnecessary way;
  • if personal data in our possession are no longer useful for the processing we carry out, and if there is no legal obligation for us to keep them, these data will be deleted or made anonymous.

 

DEFINITIONS

 

Personal data:

Any information relating to an identified natural person, directly or indirectly. For example, a person is identified directly by his or her first and last name and indirectly by his or her telephone

 

Processing of personal data:

Any operation or set of operations performed or not performed using automated processes and applied to personal data or sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction.

 

Data Controller :

Natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes (“why?”) and means (“how?”) of the processing of personal data.

 

Data Processor :

Natural or legal person, public authority, department or other body processing personal data on behalf of the controller.

 

What personal data do we collect?

The personal data we collect varies depending on the purpose of the collection and the service we provide to you.

 

In general, we may collect the following categories of personal data directly:

  • personal details, such as your name, first name, e-mail address, postal address and telephone number(s);
  • browsing histories, such as pages visited, date of visit, location during the visit, or IP address;
  • data on your CV if you are applying for a job offer;

 

For what purposes do we collect your personal data?

We collect your personal data for the following purposes:

  • to contact you, to process and respond to your requests for information;
  • to develop and improve our products, services, and the functionality of our websites, or our applications and services;
  • to authenticate the identity of individuals who contact us by telephone or other means;
  • to create an account when you register for our applications and services;

We may also need your personal data to meet legal obligations or as part of the contractual relationship we have with you.

When we collect and use your personal data for the purposes mentioned above or for any other request, we will inform you before or at the time of collection.

When necessary, we ask for your consent to process your personal data. If you have given your consent for activities related to the processing of your personal data, you have the right to withdraw this consent at any time.

 

Who is the controller?

Personal data are collected, processed and used by NG Concept SAS, ZI Rue de l’Europe, 57370 PHALSBOURG.

 

What are your rights and how can you exercise them?

When we process your personal data, you are entitled for a number of rights that you can exercise at any time. Below is an overview of these rights and what they mean for you.

 

The right to access your personal data and the right of rectification

It is important to us that the personal data we hold about you is accurate, up-to-date, complete and relevant. In order to ensure that we comply with this commitment, you have the right to access, correct or update your personal data at any time.

 

The right to the portability of your data

You have the right to receive your personal data in a structured, commonly used and machine-readable format.

 

The right to request the deletion of your personal data

You have the right to request the deletion of your personal data when :

  • your personal data are no longer necessary for the purposes for which we have collected them; or
  • you withdraw the consent you previously gave us to process your personal data, provided that there is no other legal basis for us to continue processing your personal data; or
  • you believe that personal data are not processed legally; or
  • your personal data must be deleted in order to comply with the legislation in force.

If you wish to have your personal data deleted, please let us know and we will take reasonable steps to respond to your request in accordance with legal requirements.

If the personal data we collect is no longer necessary for any purpose and there is no legal obligation for us to retain it, we will make every effort to delete or anonymize such data.

 

The right to restriction the processing of your data

You have the right to request restriction of the processing of your personal data if:

  • you believe that the personal data we have about you is inaccurate; or
  • with regard to personal data that are not processed legally, you prefer that we restrict their processing rather than delete them; or
  • we no longer need your personal data for the purposes for which we have collected it, but you need the data in order to establish, exercise or defend legal claims; or
  • you have objected to the processing of your personal data and are waiting to find out whether your interests related to this objection prevail over the legitimate grounds pursued by FM Logistic.

If you wish to restrict the processing we do on your personal data, please let us know and we will take reasonable steps to respond to your request in accordance with legal requirements.

 

The right to object to the processing of your personal data

You have the right to object to the processing of your personal data at any time.

 

The right to file a complaint with a supervisory authority

You have the right to file a complaint directly with a supervisory authority, such as the CNIL, about the way we handle your personal data.

 

To exercise your rights

You can exercise your rights by contacting FM Group Data Protection Officer by email at dpo@fmlogistic.com, describing your request and accompanying it with any signed identity document certified as true to the original.

 

How long will your data be kept?

Personal data will be deleted or made anonymous as soon as they are no longer necessary to achieve the purpose for which they were collected. In addition, data may be retained if this has been provided for by the European or national legislator in the EU regulations, laws or other provisions to which the responsible person is subject.

 

How do we protect your personal data?

We are aware of the importance of the security of your personal data. We do our best to protect your personal data from misuse, interference, damage, unauthorized access, modification or disclosure and we have many security measures in place to protect your personal data.

 

Sharing your personal data:

When we share your personal data with our subsidiaries or other organizations, we ensure that we do so only with organizations that have significant data and storage security measures in place and that comply with privacy laws, under conditions equivalent to those we respect.

 

International transfers of your data:

Personal data may be processed outside the European Economic Area (EEA). If this is the case, FM Logistic will do its utmost to ensure that this international data transfer has an adequate level and guarantees of security.

 

The guarantees we use to protect international data transfers include:

  • model standard contractual clauses validated by the European Commission. These standard clauses provide a sufficient guarantee because they make it possible to comply with the relevant levels of security as required by the regulations on the protection of personal data, and in particular in relation to the Regulation (the above-mentioned regulations and the Regulation being referred to together as “Regulations”)
  • by certification mechanisms that certify that third parties located outside the EEA process personal data in accordance with the Regulations. These certifications must be approved either by the European Commission, by the competent supervisory authority under the Regulation, or by the national accreditation body designated in accordance with the Regulation.

 

Cookies and other technologies

Through our use of cookies, we may also collect personal data about you when you visit our third-party websites or websites, or our mobile or third-party applications. This may include:

  • information about your device’s browser and the operating system you are using;
  • the IP address of the device you are using;
  • the web pages you visit;
  • the links you click on while interacting with our services.

 

This data is also collected by third party service providers to:

  • maintain and support websites
  • facilitate our services
  • assist us in analyzing the use of our services

Third party service providers are required not to disclose or use this data for any other purpose.

 

Personal Data Protection Policy changes

To improve our services, we may modify this Privacy Policy, eg. by introducing new technologies or launching new services. We will notify you prior to the implementation of any additions or changes to this Privacy Policy.