Privacy policy
This privacy policy aims to explain why we collect your data and how we are committed to protecting it.
Website Publisher
This website is published by GISMAN.
SAS with a capital of €1,380,000.
Registered with the Lorient Trade and Companies Register under number 38068529700042.
Address: 12 Impasse du bois – ZA de Kerstran 1, 56400 BRECH
Telephone: +33 2 97 29 41 21
Publication Director: Mr. Xavier AUBERT
Hosting Provider
This website is hosted by:
OVH
Registered office: 2 rue Kellermann – 59100 Roubaix, France
Tel: +33 (0)8 99 70 17 61
Privacy Policy
GISMAN is committed to protecting your personal data and your privacy.
In this capacity, and in accordance with the General Data Protection Regulation (hereinafter referred to as “GDPR”), we inform you below of the conditions under which your personal data will be processed by us.
What personal data do we process?
Purposes:
We may collect and store your personal data, in particular to :
- Process and respond to your messages,
- Establish and maintain the business relationship that may arise from your messages,
- Process your job application,
- Improve our customer service and support,
- Manage the proper functioning and personalization of our services,
- Detect attacks and pursue legal action against fraud,
- Remember your choices regarding the use of cookies,
- Process and respond to your requests to exercise your rights,
- Comply with current or forthcoming regulatory requirements
Data categories:
- Contact information (e.g., name, surname, telephone number, email address);
- Personal information (e.g., nationality, occupation),
- Your preferences,
- Technical and location information generated through the use of our services
Legal Basis for Processing
The processing of personal data is based on:
- Either the consent of the data subject (Article 6.1.a of the GDPR) for all processing that requires prior consent. In online forms, mandatory fields are marked with an asterisk. If you do not answer the mandatory questions, we will not be able to provide you with the requested services.
- Or for the performance of a contract or the implementation of pre-contractual measures.
- Or for the pursuit of a legitimate interest (Article 6.1.e of the GDPR).
- Or for compliance with a legal or regulatory obligation.
Your data is retained for the period necessary to fulfill the purposes mentioned above.
The retention period for Clients’ personal data depends on the purpose concerned. In this context, Clients’ personal data is retained for the time necessary to fulfill their request. If no action is taken, personal data is deleted within the timeframes recommended by the French Data Protection Authority (CNIL), after a period of three years from the date of collection, subject to:
- legal possibilities and obligations regarding archiving,
- obligations to retain certain data for evidentiary purposes, and/or the anonymization of such data.
The Client’s personal data collected and processed for the purposes of fulfilling offers is retained for the duration necessary to manage the contractual relationship.
By way of exception, personal data required to establish proof of a right or a contract is archived in accordance with legal provisions (5 or 10 years after the end of the business relationship, as applicable).
Who are the recipients of your data?
Your personal data is intended for GISMAN.
Our internal services: It is processed by staff in our various departments, such as the sales department or the IT security department.
Traffic analysis (such as Google Analytics)
We sometimes need to allow our partners to process, on our behalf, the personal information we hold about you for the purposes stated in this policy or for any other reason required by law.
Customer personal data is hosted in France.
If we use a service provider located outside the European Union, we undertake to verify that appropriate measures have been implemented to ensure that personal data benefits from an adequate level of protection.
How does GISMAN keep your data secure?
We implement all organizational and technical measures to ensure an appropriate level of security for your personal data, and in particular to prevent any loss of confidentiality, integrity, or accessibility.
We frequently back up data, physically protect the premises and control entry, where possible we limit access to personal information to only those people who need to process it, ensure that these third parties guarantee the same level of protection to said personal data, and implement technical and organizational measures to ensure that the storage of Clients’ personal data is secure for the period necessary to fulfill the purposes pursued.
What are your rights regarding your personal data?
In accordance with applicable regulations, you have the following rights:
- The right to rectification: You have the right to have inaccurate personal data concerning you corrected. You also have the right to have incomplete personal data completed by providing a supplementary statement. If you exercise this right, we undertake to communicate any corrections to all recipients of your data,
- The right to erasure: In certain cases, you have the right to have your data erased. However, this is not an absolute right, and we may retain this data for legal or legitimate reasons,
- The right to restriction of processing: In certain cases, you have the right to restrict the processing of your data,
- The right to data portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format for your own use or to transmit it to a third party of your choice. This right only applies when the processing of your data is based on your consent, on a contract, or when this processing is carried out by automated means,
- Right to object to processing: You have the right to object at any time to the processing of your data for processing based on our legitimate interest, a task carried out in the public interest, and for direct marketing purposes. This is not an absolute right, and we may refuse your objection request for legal or legitimate reasons,
- Right to withdraw your consent at any time: You can withdraw your consent to the processing of your data when the processing is based on your consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal,
- Right to lodge a complaint with a supervisory authority: You have the right to contact your data protection authority to complain about our personal data protection practices.
In accordance with the GDPR, the conditions for exercising these rights may vary depending on the legal basis for the processing mentioned in the first paragraph.
We will respond to any request for your rights as soon as possible and in any event within 30 days of receiving the request.
We reserve the right:
- To request proof of the requester’s identity if there is reasonable doubt about it, in order to comply with our obligation of confidentiality;
- To extend the response time by two months, informing the requester of this extension and the reasons for the delay within one month of receiving the request;
- To refuse to respond to a request for your rights if it is considered abusive (given its number, repetitive nature, or systematic character).
Who to contact for all GDPR-related requests?
To exercise your rights, you can contact us:
GISMAN
GISMAN SAS with a capital of €1,380,000.
Registered with the Lorient Trade and Companies Register under number 38068529700042.
Address: 12 Impasse du Bois – ZA de Kerstran 1, 56400 Brech
Telephone: +33 2 97 29 41 21
Publication Director: Mr. Xavier AUBERT
If, despite our efforts and commitments, you believe that your rights concerning your personal data have not been respected, you may file a complaint with the French Data Protection Authority (CNIL): CNIL, 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07
Subject to Changes to the Data Protection Policy
This Personal Data Protection Policy may be updated. As we are constantly developing our services, we reserve the right to modify this Privacy Policy in accordance with applicable legal provisions. Any changes will be published on this document in a timely manner. We advise you to check this page regularly to be aware of any changes or updates to our privacy policy.
Cookie Policy
What is a “cookie”?
Cookies are small text files that a website saves on your computer or mobile device when you visit the site.
They enhance your online experience by saving browsing information. Cookies allow websites to keep you logged in, remember your site preferences, and offer personalized content. Cookies can also be used to compile statistics on browsing behavior and to display targeted advertisements.
In general, cookies can be classified by:
Domain:
- First-party cookies are issued by a website that a user visits directly.
- Third-party cookies are not created by the website visited, but by a third party such as Google Analytics, DoubleClick, Facebook, Twitter, LinkedIn, YouTube, Vimeo, etc.
Purpose:
- Strictly necessary cookies are required for the website to function properly.
- Preference cookies allow a website to remember choices you have made in the past.
- Statistics cookies help the website owner collect statistical data and understand how visitors interact with the website.
- Marketing cookies track the user’s online activity to help advertisers deliver more relevant ads.
Duration:
- Session cookies are deleted when the user closes the browser.
- Persistent cookies remain on the user’s device for a certain period of time.
What cookies and trackers do we use?
Strictly Necessary cookies
Cookie key Domain Path Cookie type Expiration Description
PHPSESSID
First-party Session Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.
Performance cookies
_gid
First-party 1 day This cookie is set by Google Analytics. It stores and update a unique value for each page visited and is used to count and track pageviews.
_gat
first-party 1 minute This cookie name is associated with Google Universal Analytics, according to documentation it is used to throttle the request rate – limiting the collection of data on high traffic sites.
_ga
First-party 2 years This cookie name is associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.
Targeting cookies
Cookie key Domain Path Cookie type Expiration Description
YSC
More info .youtube.com / Third-party Session This cookie is set by YouTube to track views of embedded videos.
VISITOR_INFO1_LIVE
More info .youtube.com / Third-party 6 months This cookie is set by Youtube to keep track of user preferences for Youtube videos embedded in sites;it can also determine whether the website visitor is using the new or old version of the Youtube interface.
Your cookie preferences
When you first arrive on the site, a cookie banner offers you the option to accept or refuse cookies that are not essential for the site’s operation. You can refuse/disable cookies at any time, except for cookies necessary for the stable operation of the site. You have the option to change your cookie management preferences at any time.
