The General Data Protection Regulation (GDPR), which comes into force on 25 May 2018, defines the principles to be respected when collecting, processing and storing personal data. They also guarantee the rights of data subjects.
Several forms are present on the https://qrnutri.com site to collect a visitor’s data:
1. Objectives
The purpose of collecting data on the qrnutri.com site is to create a management file for PROOFTAG’s prospects and customers. This file is used for statistical purposes, to contact and/or offer relevant content to contacts.
2. Relevance of the data
In order to best follow the interest of PROOFTAG’s prospects and customers, the file collects all information from visitors to the site qrnutri.com relating to identity, professional information and its activity on the site qrnutri.com In accordance with the Data Protection Act, information relating to racial or ethnic origins, political opinions, philosophical or religious, trade union membership, health or sex life of a person are not collected and are prohibited (sensitive data).
3. Lawfulness of the processing and conditions applicable to consent (Art.6 and Art.7 of the GDPR)
The consent to the processing of a visitor’s personal data is systematically obtained for one or more specific purposes. For example, when entering a form to subscribe to the newsletter or download a resource, the purpose of obtaining the visitor’s email address is to send him a notification when new publications are made or to propose resources that may be of interest to him.
4. Data retention
The data collected on the qrnutri.com site is kept for a maximum period of 12 months for anonymous contacts, after the last activity on the website by the person. On the other hand, for identified contacts, the data collected on the qrnutri.com site are kept for a maximum period of 36 months. At the end of these periods, all personal data is automatically deleted.
5. Rights of individuals (Art.16 to 20 of the GDPR)
In accordance with the Data Protection Act and the GDPR, any person may exercise his right of access, rectification, opposition, limitation of processing, deletion and portability of data concerning him by making the request by signed mail and accompanied by a copy of an identity document to the address of the registered office, or by sending an email to our Privacy Standards Officer at contact@yoortag.com.The person responsible for the file will make a response no later than one month following the request for access or rectification.
6. Data security and processing (Art. 32 of the GDPR)
The data collected on the qrnutri.com site and the associated processing are hosted by the company PROOFTAG. Only persons related to the technical, marketing and commercial service of the company PROOFTAG and its subcontractors have access to the information collected on the site qrnutri.com
7. Data breach and communication within 72 hours (Art. 33 and Art. 34 of the GDPR)
In the event of a breach or suspicion of a breach of personal data, PROOFTAG and its subcontractors will notify the CNIL, 72 hours at the latest, after having become aware of it.