The Sogelink Group* pays particular attention to the personal data protection of each Sogelink Group user and undertakes to ensure the highest level of protection of this data in compliance with the provisions of Law no. 78-17 of 6 January 1978 relating to Information Technology, files and freedom (“Data Protection Act”) and European Regulation 2016/79 of 27 April 2016 relating to the protection of individuals with regard to the processing of personal data and on the free movement of this data (“GDPR”).The purpose of this Privacy Policy is to inform all relevant individuals (“You” or “Your”) about the way the Sogelink Group uses personal data and about the resources available to you to control, rectify or object to its use.
Identification of the data controllerSogelink, SAS, with its registered office at 131, chemin du Bac -à-Traille 69300 Caluire-et-Cuire, and registered with the Lyon Trade and Companies Register under number 905 343 604, is the data controller responsible for processing your data.*Within this Privacy Policy, the Sogelink Group uses “we”, “us” et “our” to refer to the data controller and all the Sogelink Group’s subsidiaries, namely the companies GEO2LINK GROUP (RCS Lyon no. 893 688 630), SOGEOLINK (RCS Lyon no. 905 343 604), SOGELINK (RCS Lyon no. 893 688 630), ATLOG (RCS Lyon no. 384 355 285), SOGELINK GROUP (RCS Lyon no. 824 354 146), GEODESIAL (RCS Nantes no. 827 608 324), GEOMENSURA (RCS Nantes no. 380 270 355), GEOMEDIA (RCS Brest no. 350 252 318) and BLOC-IN-BLOC (RCS Nantes no. 824 583 447), RCS being the French abbreviation for the Trade and Companies Register.The Sogelink Group’s data protection representative can be contacted at the following email address: dpo@sogelink.com
What Personal Data do we collect?The Sogelink Group may collect personal identification information (surname, first name, email address, position, telephone number, country/town, etc.), hereinafter referred to as “Personal Data”.However, it is essential to clearly state here that the Sogelink Group does not process any sensitive data such as personal data giving racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, nor the processing of genetic data, biometric data to uniquely identify an individual, health data, or data about the sex life or sexual orientation of an individual, or personal data relating to criminal convictions and offences, as they are outside the scope of the Sogelink Group’s activity, and are not required for any of the Group’s data processing.
How do we collect your Personal Data?The Sogelink Group collects and processes Personal Data when you:
use the contact form on the Sogelink Group website;
use or view our website via your browser’s cookies.
How do we use your Personal Data?Your Personal Data is used for an explicit, specified and legitimate purpose. The Sogelink Group collects your Personal Data to:
answer and follow up your questions and requests for information;
better assess the needs of website visitors;
send out marketing communications (e.g. invitations to specific events) via e-mail.
What security and protection exists for your Personal Data?The Sogelink Group endeavours to preserve the quality and integrity of users’ personal information. We are committed to guaranteeing a high level of protection for personal data through methods designed to preserve its confidentiality and integrity. The information systems and security policies the Sogelink Group and our suppliers apply internally ensure that users’ personal data is protected against any unauthorised access, misuse, alteration, destruction or accidental data loss.Only personnel authorised by the Sogelink Group have access to the data or are involved in its processing and are required to respect the confidentiality of users’ Personal Data. The security and confidentiality of Personal Data also depend on shared best practices, which is why the Sogelink Group’s staff are regularly advised on good security practices.The Sogelink Group assures that no Personal Data shall be communicated to third parties, institutions or governmental authorities, except if required by law or legislation.The Sogelink Group has a virtualised infrastructure within a European Cloud known as CISPE (https://cispe.cloud/) where mainly Personal Data is stored.The CISPE Data Protection Code of Conduct (CISPE code) is the first pan-European data protection code of conduct for Cloud infrastructure service providers and complies with Article 40 of the European General Data Protection Regulation (GDPR). It was approved by the European Data Protection Board (EDPB) in May 2021 and was formally adopted by the French Data Protection Agency (CNIL – Commission Nationale Informatique & Libertés), acting as the lead supervisory authority, in June 2021.The data centres used by the Sogelink Group comply with some of the most demanding standards and certifications, in line with the Sogelink Group’s uncompromising policy on the security of its data and processing: – ISO 9001 – ISO 27001 – ISO 27017 – ISO 27018 – SOC 1 – SOC 2 – SOC 3.The Sogelink Group guarantees it will execute its Data Protection storage and processing exclusively within the European Union, in strict compliance with the current regulations.The Sogelink Group only keeps your Personal Data for the time necessary for the process for which they were collected, in compliance with the current legislation and taking into account the limitation periods.Details of the technical and organisational measures implemented to ensure the security of Personal Data are available on request in the relevant document.
MarketingThe Sogelink Groupe may send you information about our products, services or events that may be of interest to you. If you have agreed to receive marketing information, you can always unsubscribe later. You can ask Sogelink Group to stop contacting you with marketing information at any time. If you no longer wish to be contacted with marketing information please write to us at the following address: newsletters@sogelink.com
What are your rights regarding the protection of your Personal Data?The Sogelink Group would like to ensure that you are fully aware of your rights with regard to the protection of your Personal Data. In compliance with the applicable laws and regulations, you have the following rights:
Right of access: You have the right to access and request a copy of your Personal Data from the Sogelink Group.
Right of rectification: You can ask the Sogelink Group to rectify your Personal Data if you believe that they are incorrect. You can also ask the Sogelink Group to complete your Personal Data if you believe that they are incomplete.
Right to deletion: You can ask the Sogelink Group to delete your Personal Data.
Right to limitation of processing: You can ask the Sogelink Group to discontinue the processing.
Right of opposition: Under certain circumstances, you can ask the Sogelink Group to stop processing your Personal Data.
Right to data portability: You can ask the Sogelink Group to transfer the Personal Data that it collects about you to a third party of your choice, or directly to you.
Right to lodge a complaint with a national supervisory body: You have the right to contact a national supervisory body (in this case the CNIL for France) in order to lodge a complaint concerning the processing of your Personal Data by the Sogelink Group.
Please note that the exercising of these rights may be legally subject to certain exceptions or conditions.If you wish to exercise your rights, please contact us (see “How to contact us” Section below).
CookiesCookies are text files that are downloaded to your computer, phone or another device to collect information about the connection to the website and visitor behaviour. When you visit the Sogelink Group’s website, the Sogelink Group automatically collects information about you via cookies or similar technology.For further information on the terms and conditions under which the Sogelink Group may use cookies or similar technology, please refer to our Cookie Policy.
Privacy Policy updateThe Sogelink Group reserves the right to update its Privacy Policy, in particular in the event of legislative, regulatory and Community developments. We advise you to regularly consult this document, which is available on our website so that you are promptly informed of any changes in the way that we process your Personal Data.
How to contact usIf you have any questions about this Privacy Policy or your Personal Data held by us or if you wish to exercise any of your rights regarding the protection of your Personal Data, please contact us:
via the contact form available on the “Contact – Exercising rights” tab;
or by writing to us at the following email address: dpo@sogelink.com.