LEGAL NOTICE
PERSONAL DATA MANAGEMENT
Site (hereinafter “the site”):
GBRL
Publisher (hereafter ” the publisher “):
EDEN 312 SAS
registered at the RCS of Paris 825127947
e-mail address: contact@gbrl.fr
Host (hereafter ” the host “):
GBRL is hosted by OVH, whose head office is located 2 rue Kellermann BP 80157 59053 ROUBAIX CEDEX 1.
GBRL operates through its website, www.gbrl.fr. In this context, GBRL collects and treats a certain amount of personal data concerning the users of its website, its customers.
GBRL places great importance on protecting its users’ privacy and personal data and respecting the regulations in force.
As the data controller, GBRL processes this data according to the methods described below.
What personal data is collected, and why?
Data collected when an account is created or an order is placed
GBRL may collect personal data on its website when an order is placed or an account is created.
The following information is required:
Individual customers: email address, password, title, last name, first name.
GBRL may also request proof of a user’s identity or address and process data regarding customer accounts, orders, payment methods used, chosen setup type, and in general any communication between GBRL and the customer.
The payment data used on the website is only collected by the payment service provider, depending on the payment method used by the customer. GBRL does not have access to this data.
All other information provided by the user is optional (date of birth, for example).
If the information identified as required is not provided, the user will not be able to place his/her order.
Purposes and Legal Bases: Processing this personal data allows GBRL to provide information to the individuals concerned, manage its file of customers and prospects, manage orders and monitor costumer relations with the individuals concerned (specifically deliveries, billing, payment, and any requests or claims), and, as necessary, meet its legal obligations.
Processing this data also allows GBRL to carry out informational and marketing operations such as sending out information about its activities, products and services; carrying out promotional activities, surveys and opinion polls; publishing notices; and establishing statistical data and profiles based on pages visited or orders placed in order to improve and personalize the information. This processing will not result in automated decision-making that has any legal or similarly significant effect on the individuals concerned.
Some data may also be used to fight fraud (which may result in a request for additional documentation) or to improve security on the website.
Processing is based on fulfillment of a contract or precontractual measures requested by the individual concerned, GBRL’s fulfillment of its legal obligations, and GBRL’s legitimate interests to further its business operations, while respecting the rights and liberties of the individuals concerned.
Data collected during newsletter subscription
GBRL may collect personal data when a user subscribes to the newsletter.
The following information is required: email address.
If this information is not provided, the user cannot receive informational emails about GBRL’s activities, products and services.
Purposes and Legal Bases: Processing this personal data allows GBRL to send out information about its activities, products and services and to manage its file of customers and prospects.
Processing is based on user consent.
Data collected via cookies and trackers
Additional data concerning the user may be collected via cookies and trackers used by GBRL under the conditions explained below.
How is Personal data processed?
Personal data is subject to computer processing by GBRL, the data controller, for the purposes described below.
GBRL agrees not to use the data in any other context, or to transmit it to a third party, except in the situations outlined in this confidentiality policy or after informing and, if necessary, obtaining the consent of the individual concerned.
Recipients and Subcontractors: Personal data may be shared, for the purposes described above, with GBRL’s personnel (specifically the sales and marketing departments), subcontractors and service providers (such as its IT service providers for data management, payment service providers, logistics providers for delivery, and marketing service providers, particularly for the purpose of compiling business statistics).
Some service providers may need to transfer customer data outside the European Union.
GBRL endeavors to require its suppliers and service providers to comply with all applicable regulations and, when necessary, to base all transfers outside of the European Union on an appropriate level of protection and sufficient security.
GBRL may also need to share processed personal data with a third party in order to comply with legal obligations, for example, to respond to any claims connected with information and content that may violate the rights of a third party, upon request of a judicial or public authority, or pursuant to a judicial or administrative decision, or a decision made by an independent administrative authority.
Retention and Storage Period: personal data is retained for the purposes described above for the length of time necessary for the fulfillment of these purposes.
Specifically, personal data is used to manage prospect-customer files for a period of three years from the date of last contact from the individual concerned.
GBRL stores this data for the length of time necessary to fulfill its legal obligations and allow for the establishment, exercise or defense of legal claims, equivalent to the duration of the applicable statute of limitations (a maximum period of 10 years starting from fulfillment of the order).
What rights are retained in terms of shared personal data?
Any individual who has provided personal data to GBRL has the following rights regarding that data, in the situations covered by the regulations in force:
The right to access and modify data.
The right to delete data (“the right to be forgotten”).
The right to restriction of processing.
The right to object to the processing of data, particularly the right to object to the use of data for marketing or newsletter mailings upon collection of the data or at any moment thereafter.
The right to the portability of raw data provided to GBRL.
The right to define guidelines regarding the fate of personal data after death.
The right to file a complaint with the competent authority (in particular the CNIL in France).
The right to withdraw consent.
These rights may be exercised by email or regular mail to GBRL at the address below.
These rights must be exercised under the conditions specified by the regulations in force. In particular, a copy of the claimant’s identification card or other documentation proving his/her identity to GBRL may be requested.
Address
GBRL 12 Rond Point des Champs Elysées M. Dassault, 75008 Paris, France
Contact us: here
MANAGEMENT OF COOKIES
GBRL uses cookies and other trackers (hereinafter referred to as “cookies”) on its website, www.gbrl.fr, as outlined below.
What is a cookie?
A cookie is a text file or software item that logs information about your device’s navigation on the Internet. It is controlled by your browser, and sometimes has a unique, random number. You can read, destroy, or modify it.
Why does GBRL use cookies?
GBRL is constantly searching for new ways to improve its website(s) and offer you better service. GBRL uses different types of cookies as specified below. Some of them may require prior permission from the web user before they can be installed on his/her device.
In any case, you have control over these cookies. You can block them, destroy them, or manage their settings.
How do I block and/or uninstall cookies?a. On a computer
There are two ways to uninstall cookies.
The first way is by using your web browser to see the cookies already installed on your computer and delete them, either individually according to cookie type as indicated on the banner, or all at once.
Apple Safari browser: under “Privacy” in the “Preferences” menu, section titled “Cookies and website data.”
Google Chrome browser: under “Privacy and security” in the “Settings” menu, sub-category “Content settings,” section titled “Cookies and site data.”
Microsoft Internet Explorer browser: “Tools” menu, “Internet Options” section, then “General,” then “Browsing history,” then “Settings,” then the window “Temporary Internet Files and History Settings,” and lastly “View files.”
Mozilla Firefox browser: “Tools” menu, “Options” section, “Privacy” sub-section, dedicated “Remove individual cookies” function.
You can also remove cookies manually by following these steps:
Go to your workstation and select the Windows folder on your C drive.
Open the “Temporary Internet Files ” folder and select all files (CTRL+A).
Choose the “delete” option.
You can also configure your web browser to block cookies or display a warning before any cookies are installed. The steps to follow vary from one browser to another, but you can find instructions in the browser’s “help” menu. The browser you use to access GBRL’s websites can be configured independently on each device.
On a smartphone or a tablet
Cookies can be uninstalled or deleted as follows:
Android browser: under “Privacy & security” in the “Settings” menu you can access several functions, including “Clear cache,” “Clear passwords,” “Clear all cookie data,” “Clear form data,” and “Clear passwords.” You can also configure these functions so that cookies will not be saved.• Google Chrome browser: in the “Settings” menu go to “Advanced,” then “Clear browsing data,” and select the data that you wish to delete.
• Apple iOS 8 browser: tap “Settings,” then under the “Safari” tab select “Block Cookies” and choose one of the options offered: “Always Allow,” “Allow from Websites I Visit,” “Allow from Current Website Only,” or “Always Block.” In iOS 7 and earlier versions, you can choose from the options “Never,” “From third parties and advertisers,” and “Always.”
Uninstalling or blocking cookies used on GBRL’s websites in France may affect your website use or even prevent you from using the website.
What types of cookies does GBRL use?
Cookies can be temporary, lasting only as long as your browsing session on that website, or persistent, with a longer lifespan depending on the expiration date assigned to them and your browser settings.
Cookies can be introduced directly by GBRL or by its partners or service providers.
Cookies can generate the collection of anonymous data or data attached to the profile of an identified user. In that case, the data is subject to this GBRL personal data management policy.
There are many different types of cookies. They can be classified into four groups, as defined below.
– Strictly Necessary Cookies
Cookies that are strictly necessary for the provision of an online communication service via electronic means are essential in order for the website to function properly. Disabling them causes serious difficulties in website use, and may make it impossible to access the services offered. These cookies do not retain your information once you leave the site. They are used, for example, to identify devices for routing communication, to number data packets so they can be sent in the desired order, and to detect transmission errors or data loss.
– Functional Cookies
Functional cookies are absolutely necessary for the provision of online communication services expressly requested by the user. They provide a user-specific service. If these cookies are uninstalled, provision of that service will no longer be possible. Functional cookies can collect personal data. With some cookies, this information may be retained after you have left the website, and may be transmitted to partners solely for the purpose of supporting the provision of necessary services. They include, for example, cookies that log user preferences such as language, “user session” cookies (which identify the user when s/he is browsing several different pages, retaining the data only for the duration of the browsing session), or “shopping cart” cookies.
– Audience Measurement Cookies
Audience measurement cookies are used to recognize visitors each time they return to the website. These cookies only store an online user “identifier” (unique to each cookie). Under no circumstances are they used to collect personal information about visitors. They log the pages visited, the duration of the visit and any error messages, allowing us to improve the performance of GBRL websites.
Audience measurement cookies may be installed and managed by our partners, but GBRL limits their use to the requested statistical analysis purposes.
– Targeted Advertising Cookies and Social Media Trackers Generated by Social Media Share Buttons
Targeting and tracking cookies allow third parties to provide services, mainly related to advertising, and to improve their effectiveness. These cookies can log the pages and websites that you visit, and may collect personal data, primarily the IP address of the device used by the web user. The information gathered may be shared with third parties.
For example, these cookies allow advertising departments to display ads that are adapted to your interests based on your browsing history on GBRL’s websites, and to limit the repetition of ads. These cookies require your authorization. When needed, a clearly-visible banner will appear on the website page requesting your permission to install these cookies.
GBRL and third-party providers use first-party cookies and third-party cookies jointly to obtain information and to optimize and display advertising based on visits made to the site. GBRL and its providers also use these two types of cookies to determine the relationship between visits logged on the site and ad views, other uses of advertising services, and interactions with the ad views and advertising services. GBRL and its providers also use these two types of cookies to log your areas of interest and demographic data in order to provide you with targeted advertising.
GBRL uses what are known as social plug-ins (hereinafter “buttons”) that link to social networks like Facebook, Instagram and Twitter.
When you visit our website, these buttons are automatically deactivated. This means that they do not transmit any information to the social networks concerned without your permission. To use these buttons, you must first click them to activate them. The buttons remain active until you disable them again or delete your cookies. Once activated, the system establishes a direct link with the server of the selected social network. The content of the button is then transferred directly from the social network to your web browser, which integrates it into the visited website.
Once you have activated a button, the social network concerned can begin gathering data, whether or not you use the button. If you are logged into a social network, the network can attribute your visit to this website to your user account. Visits to other GBRL websites will not be linked to the initial website unless you also activate the corresponding buttons on these other sites.
If you belong to a social network and do not want that network to establish a link between the data collected during your visit to our website and your stored membership information, you must log out of the social network in question before activating the buttons.
Please note that we have no control over the amount of data collected by social networks via these buttons. To find out how much data is collected and the purpose of the data collection, as well as how the information is processed and used by the social networks and your rights and configuration options to protect your privacy, please read the data protection terms published by the social networks concerned.
Our website uses the following social media buttons:
facebook.com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). You will find a list and overview of Facebook’s social plugins at: developers.facebook.com. For more information about Facebook’s privacy policy, go to: facebook.com/policyYou can also block Facebook’s social plugins with add-ons for your browser, for example the “Facebook Blocker.”
Twitter’s services are managed and provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. You will find the code of conduct for developers at: dev.twitter.com For more information about Twitter’s privacy policy, go to: twitter.com/privacy
Instagram is operated by Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland. You will find a list of social