PERSONAL DATA PROTECTION POLICY
– RSCU Europe –
RSCU Europe, owner of the Pabobo website, attaches great importance to protecting the privacy of Web users and users of its website and takes care to protect your personal data.
1. PURPOSE AND SCOPE OF THE POLICY
The Personal Data Protection Policy sets out the terms and conditions for collecting and processing your personal data through our website. It explains which of your data we are likely to collect, how we use them, who we might share them with, and the measures we take to keep them safe (hereinafter, the “Policy”).
Some of the hypertext links and social media buttons on our site may redirect you to third-party websites that do not belong to RSCU Europe. They may be operated by our partners. The publishers of these third-party sites have their own personal data protection rules, which may differ from ours. It is up to you to read them. RSCU Europe is not liable for the use the publishers of these third-party websites make of your personal data on their own behalf.
2. YOUR AGREEMENT TO OUR POLICY
To use our website, you must agree to this Policy in its entirety. If you disagree with any of its terms, you are free to not use our site or online services, or to stop using them in the event the Policy has been modified.
The content of our Policy may change over time to take functional and regulatory changes into account. You will systematically be informed of updates by any means of communication (e.g., an email or a pop-up window).
It is generally easier to access the Policy through a tab that always appears at the bottom of our web page.
3. COMPLIANCE WITH APPLICABLE LAW
The processing of users’ Personal Data is govered by Regulation (EU) 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “GDPR”) and French law no. 78-17 of January 6, 1978 on information technology and civil liberties, as amended (“IT and Civil Liberties Law) (hereinafter the “Regulations”).
For the purposes of this Policy, the term “personal data” means any data related to an individual that may be directly or indirectly identified by that data, such as the first and last name, email or street address, telephone number, etc. (hereinafter, “Personal Data”).
According to the Regulations, RSCU Europe is liable for the processing of personal data carried out through its Pabobo website and must comply with its legal and regulatory obligations under those Regulations.
4. WHAT PERSONAL DATA DO WE COLLECT AND WHEN?
Through our Pabobo website and by means of our online forms, we collect the Personal Data of users who wish to:
- Contact us with any questions, in particular to learn more about our products;
- Receive our newsletters;
- Find the closest store where they can buy our products;
- Obtain a selection of the products that are most appropriate for their children.
The Personal Data we collect and process concerns:
- Your identity: your first and last names and title;
- Your contact details: street and email addresses and telephone number;
- Your connection data: IP address, connection logs, and geographical location if you authorize that;
- Any other information you voluntarily provide in the fields for comments on our online contact forms.
Moreover, subject to your consent, we collect browsing data and information every time you visit our Pabobo website. These data and information are saved in “Cookie” files installed on your computer. To learn more, read Section 10 of this Policy.
5. WHY DO WE USE YOUR PERSONAL DATA?
We collect and process data about you so we can:
- Manage the customer-prospect relationship (e.g., reply to your requests for information or regarding our after-sales service);
- Send newsletters, sales requests, promotional materials, and alerts that match your email selection criteria;
- Improve our website quality (e.g., measure site traffic);
- Ensure Personal Data security (e.g., prevent digital data theft);
- Resolve any disputes or solve any problems related to using our services.
RSCU Europe will not access or use your Personal Data for any purpose other than those listed above.
6. WHAT IS THE LEGAL BASIS FOR COLLECTING YOUR DATA AND HOW LONG CAN WE KEEP IT?
6.1 – Legal bases for processing
The legal bases for processing your Personal Data vary depending on what we use the data for.
Those legal bases include:
- Agreement: we must process your Personal Data to perform an agreement you have signed (e.g., after-sales service).
- Consent: you give your express consent to the processing of your Personal Data (such as by checking a box or clicking a link). You may withdraw your consent at any time.
- Legitimate interest: RSCU Europe has a commercial interest in processing your data. The processing must be warranted, balanced, and not infringe your privacy. Subject to any exceptions, you may object at any time to processing based on a legitimate interest. Just contact us.
- Legal obligation: a law or regulation requires us to process your Personal Data.
The legal bases for our data processing are set out in the table below.
6.2 – Retention period
Personal Data retention periods may have a different number of days, months, or years depending, in particular, on:
- Your profile: prospect or customer;
- The type of Personal Data collected and the purpose for collecting them (e.g., connection log or email address);
- The entity in charge of processing your Personal Data, namely RSCU Europe and/or partners that set their own data retention policies.
In addition, even if you decide to stop using our services, we must retain your Personal Data to satisfy certain obligations, such as to comply with applicable law, manage complaints and/or disputes, defend ourselves or assert our rights, and respond to requests from authorized public authorities.
In all cases, the retention period must satisfy legal and regulatory requirements and follow the recommendations of the French IT and civil liberties commission (Commission nationale informatique & libertés, or CNIL). We therefore do not retain your Personal Data any longer than is necessary, and when we no longer need them, we destroy them securely in accordance with our internal policy or anonymize them.
Here are some examples of Personal Data retention periods:
7. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
7.1 – Internal disclosures
Your Personal Data may be disclosed within our company to make sure our website works properly (e.g., to answer your requests for information or put you in contact with our after-sales service department).
7.2 – Disclosure to our providers
In connection with our business, we disclose your Personal Data to third parties involved in providing our services (technical and site hosting providers, security incident management, after-sales service management, etc.). RSCU Europe will transfer your Personal Data only to authorized, trustworthy providers who will process them for us according to our instructions.
7.3 – Disclosure for legal reasons
Your Personal Data may also be disclosed to third parties:
- If RSCU Europe is required to do so by a law, regulation, or judicial order, or if such disclosure is necessary to an investigation, injunction, or other legal proceeding in France or abroad;
- To enforce the Policy (including to officially note any breaches of it) and protect the rights, property, and safety and security of RSCU Europe and its users, pursuant and according to the law (e.g., disclosure to lawyers and court officers (huissiers)).
8. HOW DO WE KEEP YOUR PERSONAL DATA SECURE?
We take organizational and technical measures to protect your Personal Data from unauthorized access and disclosure, modification, alteration, damage, accidental loss, and accidental or illicit destruction, as well as from any other form of illicit processing or disclosure to unauthorized individuals or entities.
To do so, we require our staff and technical service providers to follow strict data security and protection rules (e.g., they assume a contractual non-disclosure obligation, use encryption and anonymization, and take physical safety measures).
Moreover, we store your Personal Data on servers located in a European Union member state, though some of our providers are located outside the European Union. When that is the case, we systematically require them to take measures to secure the transfer of Personal Data to their country (e.g., by agreeing to the European Commission’s standard contractual clauses or so-called “Binding Corporate Rules”).
9. WHAT RIGHTS DO YOU HAVE OVER YOUR PERSONAL DATA?
9.1 – List of your rights
All Web users whose Personal Data are processed by RSCU Europe have the following rights:
- Right to access (e.g., to verify the data we have about you and obtain a copy);
- Right to rectification (e.g., update or correct your data if they are incomplete or incorrect);
- Right to object at any time to the collection or processing of any or all of your data, for example for commercial prospecting purposes. This right affords you the ability to change your notification preferences at any time;
- Right to restrict processing (e.g., in some cases provided for by law, if you contest the processing of your data, you may demand that we limit the use of your data while our dispute is being handled);
- Right to portability (e.g., you may recover your data or demand that they be transferred to third-party providers);
- Right to erasure (e.g., you may demand that your data be definitively deleted).
9.2 – How to exercise your rights
You may exercise your rights at any time by sending your requests to the addresses mentioned in Section 11 below. We may ask you for proof of identity.
If you contact us to exercise any of your rights, we will try to respond as soon as possible, and in any event within the legally required response time of one month from receipt of your request.
If necessary and as permitted by law, that response time may be extended to two months if you send us complex or numerous requests. In such case, you will be informed of the extension and the reasons for it.
If RSCU Europe does not act on your request, we will inform you of the reason for our inaction and, if you so deem necessary, you may file a claim with the CNIL and/or in court.
9.3 – The CNIL
To know more about your rights or to file a claim, contact the CNIL (https://www.cnil.fr/).
10. HOW DO WE MANAGE COOKIES ON OUR WEBSITE?
10.1 – What are cookies?
10.2 – What types of cookies do we use?
- Cookies strictly necessary to our site’s operation
These cookies are needed so our Pabobo site will work properly. They enable users to use the site’s main features. Without these cookies, you will not be able to use the site normally. We only have to inform you that we are installing them on your computer. They do not allow us to track your behavior or identify you.
- Cookies to help us measure site traffic
These cookies measure traffic so we know how our site is being used, how it performs, and what we can do to improve it (e.g., the most-visited pages and number of visitors). RSCU Europe can thus measure its website’s traffic using tools provided by Google (Google Analytics).
- Session cookies
As recommended by the CNIL, the cookies on our site are only temporary:
- We store your cookie preferences for six months;
- We store the data collected by traffic-measurement cookies for 13 months.
You can manage cookies on our site in various ways:
a) by making your selection via the cookie banner you see when you first connect to our site;
b) by making your selection via the cookie manager (“settings”) at the bottom right of the page under the “Manage my cookies” tab;
c) by configuring your browser.
You can configure your computer at any time:
- By agreeing to all cookies,
- By opting to be informed when a cookie is installed,
- By refusing only certain cookies, or
- By refusing all cookies.
Configuration instructions are provided for this purpose on each browser’s website. To access them, follow the instructions below.
For Internet Explorer: In Internet Explorer, click on Tools, then Internet options. Under General > Browsing history, click on Settings, then on Display files.
For Firefox: Go to Tools in the browser and select the Options menu. In the window that opens up, select Privacy and click Display cookies.
For Safari: In your browser, choose Safari > Preferences. Click Security. Click Display cookies.
For Google Chrome: Go to the Tools menu. Select Options. Click on the Advanced options tab and go to the Privacy section.
You can find additional information on the CNIL’s website: https://www.cnil.fr/.
11. CONTACT US!
For any questions about this Policy or more generally about RSCU Europe’s processing of your personal data, contact us:
- by email at: firstname.lastname@example.org;
- by sending a letter to RSCU Europe, 38 rue René Boulanger, 75010 Paris, France.