Data Protection Policy

Introduction

Purecontrol is committed to ensuring the confidentiality of the data we collect and to implementing all appropriate technical and organizational measures to preserve their security and integrity, particularly against accidental loss, alteration, disclosure, or unauthorized access. This policy outlines what we do with your personal information.

These cookies are valuable tools that help us understand how you interact with our site. To comply with current privacy regulations, we request your explicit consent for the use of non-essential cookies. You have complete control over these preferences: you can accept all cookies, reject them, or customize them according to your needs. By accepting the use of cookies, you help us create a more efficient and personalized online experience while safeguarding your privacy. For more details on the purpose, use, and management of cookies, please refer to chapter 4 in the policy below.

How to Change Your Cookie Preferences?

Some features of this site rely on the use of cookies. However, you can opt-out of their use by clicking the ” Révoquer le consentement / Revoke consent ” button below and then clicking “I refuse” on the cookie banner. Revoke consent

1. Data Collection Controllers

The General Data Protection Regulation (GDPR), which came into effect on May 25, 2018, defines the principles to be followed in the collection, processing, and retention of personal data. It also guarantees rights for individuals.

  • A Data Privacy Officer (DPO) has been appointed within Purecontrol. They are responsible for assisting our clients for Purecontrol with any questions related to these topics related to Purecontrol and its clients, the website, and site visitors.
    Our Data Protection Officer (DPO) can be contacted using the contact information available at the end of this page.
  • For Personal Data collected in the context of the User’s contact and browsing on the Site, the data controller is: Purecontrol. Purecontrol is represented by Gautier Avril or Geoffroy Maillard, its legal representatives.

2. Data collected

2.1 Relevance of Collected Data

Whenever Purecontrol processes Personal Data, Purecontrol takes all reasonable measures to ensure the accuracy and relevance of the Personal Data with respect to the purposes for which Purecontrol processes them.

Your personal data is collected and processed based on the legal grounds defined by the GDPR.

In order to better follow the interest of prospects, clients, and candidates of Purecontrol, we are required to collect and process the following personal data:

  • Identification data (e.g., name, first name, email address, phone number, geolocation, device used).
  • Connection / browsing data (e.g., IP address)
  • Business data (e.g., customer typology)

In accordance with data protection laws, information related to racial or ethnic origins, political, philosophical or religious opinions, trade union membership, health, or sexual life of a person is not collected.

2.2 Lawfulness of Processing and Conditions Applicable to Consent (Art 6 and 7 of the GDPR)

The consent for the processing of a visitor’s personal data is systematically obtained for one or more specific purposes.

In the event that your personal data is collected through a form, you will be informed of the mandatory nature of the information by an asterisk (*) next to the relevant fields.The absence of an asterisk means that the requested information is not mandatory.

Only personal data that is strictly necessary for the purposes described below is collected.

In general, your data is collected directly from you during:

  • Your connections to the site and your browsing on the site (subject to cookie acceptance)
  • Your request for information or document download through the contact form (modifiable and revocable upon request via dpo@purecontrol.com)
  • Your subscription to the newsletter (revocable via an automatic unsubscribe link)
  • Your spontaneous application through the contact form; in this case, this information may be kept for 2 years
  • You can make a request to our recruitment department to modify or delete your personal information after your application.

3. Processing Purposes

Your personal data is processed for the following purposes

3.1 Purposes Necessary for Providing Products or Services

  • Managing the relationship with you within a commercial relationship
  • Improving and optimizing the quality of our services and website
  • Statistics, analysis, and audience measurement
  • Updating your personal information in a dedicated database
  • Sending information about changes or developments in our services
  • Managing the exercise of your rights regarding your personal data

3.2 Marketing Purposes Related to Publications, Products, and Services

  • Offering marketing, advertising, and promotional offers related to our products and services by email, mobile notifications, social media, or any other medium
  • Compiling commercial statistics.

3.3 Data Retention Period

Your personal data is retained for a duration in compliance with legal provisions or proportionate to the purposes for which they were collected. However, your personal data is retained for a longer period when legal and regulatory obligations require it.

Retention periods vary depending on whether we have an ongoing contractual relationship (you are an active customer), whether we have had a contractual relationship with you in the past (you are an inactive customer), or whether we have never had a relationship of this type with you (in which case you are a prospect).

In the case of an application, our HR team may keep your CV and cover letters for the purpose of future recruitment opportunities. The maximum retention period will be two years from the date of your application. After these two years, your personal data (CV, cover letter) will be deleted from our system.

 

Data Categories

Purposes

Retention Period

Data related to an active customer

Data Categories

Customer account management, customer contact management

For the entire duration of the contractual relationship

Data related to an inactive customer

Data Categories

Customer account management, customer contact management

3 years after the end of the contract or the last contact from the inactive customer

Data generated by cookies

Data related to your online service browsing

Service operation and optimization, visitor statistics, content and user journey optimization.

Up to a maximum of 13 months

Data generated by the form

Data related to the management of your applications and various requests

Enriching the customer/candidate database and commercial follow-up/marketing analysis

Up to a maximum of 3 years after the last contact

4. Cookie Policy and Management

This “COOKIES” section provides more information about the origin and use of browsing information processed during your site visit and your rights. Therefore, when visiting our site, information about your browsing may be recorded in “Cookies” files installed on your device (computer, tablet, smartphone, etc.). These cookies are issued by us to facilitate your navigation on our site, optimize your experience on it, and carry out marketing analyses and actions.

Please note that only the issuer of a cookie is able to read or modify the information contained in it. If you share the use of your device with other people, we cannot ensure with certainty that the services and advertisements intended for your device correspond to your own use of that device rather than to the use of another user of that device.

4.1 Internal Cookies

We use only session cookies that are not stored.

4.2 Third-Party Cookies

When you access our website, one or more cookies from partner companies (third-party cookies) may be placed on your computer via the pages of our site. The third-party cookies used are described below. The issuance and use of cookies by third parties are subject to the privacy policies of these third parties. We do not have access to or control over third-party cookies. However, we ensure that partner companies process the information collected on the Purecontrol site exclusively for Purecontrol’s needs and in compliance with the “Information and Freedom” law and the GDPR.

4.2.1 Audience Measurement and User Experience Optimization Cookies

Audience measurement and user experience optimization cookies allow us to measure site traffic and obtain information about your browsing to optimize its ergonomics and content. The use of these cookies can only be done with your consent. Rejecting these cookies has no impact on your use of our site. You can modify your preferences regarding the storage and use of cookies at any time. To do so, simply click on the “Cookie Management” link at the bottom of all site pages.

4.3 Your Cookie Choices

You have several options for managing cookies. Any configuration you undertake may affect your internet browsing and your access to certain services that require the use of cookies. You can express and modify your cookie preferences at any time, using the methods described below.

4.3.1 Choices Offered by Your Browsing Software

You can configure your browsing software to allow cookies to be stored on your device or, conversely, to reject them, either systematically or depending on their sender. You can also configure your browsing software to offer you the option to accept or reject cookies on a case-by-case basis before a cookie is stored on your device. We encourage you to set up your browser for optimal use. The configuration of each browser is different.

4.3.2 Browser Settings

For browser settings, please refer to the official documentation of the browsers in use.

4.3.3 Your Online Choices

For your information, you can access the Youronlinechoices site, provided by digital advertising professionals grouped together in the European association EDAA (European Digital Advertising Alliance) and managed in France by the Interactive Advertising Bureau France. This European platform is shared by hundreds of digital advertising professionals and serves as a centralized interface for expressing your refusal or acceptance of cookies used to adapt advertisements to your device’s browsing. In addition, the following platforms, IAB opt-out platform, Network Advertising Initiative opt-out platform, Digital Advertising Alliance platform, also allow you to express your choices to all the players integrated into these platforms.

Note that this procedure will not prevent advertisements from being displayed on the websites you visit. It will only block technologies that allow ads to be tailored to your interests.

  • Opt-out links for audience measurement cookies (statistics)

For cookies deposited by Google Analytics Google Analytics Opt-Out Link

For more information about cookies, you can visit the CNIL website CNIL Cookies Page

4.3.4 What Are Our Cookies Used For?

– Google: This site uses Google advertising and audience measurement cookies to display personalized ads (ad targeting and retargeting), measure the effectiveness of these campaigns, and analyze the site’s operation.

4.4 External Links

The site www.purecontrol.com links to many other websites. Purecontrol cannot be held responsible for the content and privacy policies of these sites. Purecontrol also cannot be held responsible for any direct or indirect damages resulting from their use, including access to these sites and sites linked to these sites, including, but not limited to, financial or commercial loss, loss of business, loss of data, even if we have been informed in advance.

You may not establish a hyperlink to the EDF group portal without the prior, written, and express authorization of Purecontrol. Requests should be addressed to the publication director of the Purecontrol portal.

5. Use and Sharing of Your Personal Data

Your personal data is communicated to the following individuals

5.1 Internally, within the Company

Your data is communicated to the internal employees of the Company. In accordance with regulations, access to your data is based on individual, limited, and controlled access authorizations.

5.2 To Our Subcontractors

They provide services on our behalf :

  • including web hosting
  • analytical solutions, or audience measurement

5.3 Transfer of Data Outside the European Union

Your data is stored within the European Union, either by Purecontrol or by its service providers (subcontractors). Some data may be subject to occasional processing outside the European Union in countries that do not have an adequacy decision from the European Commission. Specific measures and guarantees are implemented to secure such transfers. These include, in practice, Standard Contractual Clauses or Binding Corporate Rules. To learn more about the measures in place or to obtain a copy of the guarantees, please contact the Data Protection Officer of Purecontrol at the following address: dpo@purecontrol.com

6. Your Rights to Your Data – Contact Information

In accordance with data protection laws and the GDPR, any person can exercise their right of access, rectification, objection, restriction of processing, deletion, and data portability by sending a signed letter and a copy of an identity document to the registered office of Purecontrol, 68 Avenue Sergent Maginot – 35000 Rennes. The data controller, Gautier Avril, will respond within one month of the request for access or rectification.

6.1 Under the aforementioned legal and regulatory provisions, you have the following rights:

  • The right to inquire
  • The right to access your data
  • The right to rectify
  • The right to erase
  • The right to limit the processing of your data
  • The right to data portability to some extent, which means the right to receive the personal data you have provided to us in a structured, commonly used format and the right to transmit this data to another data controller
  • The right to object to your data being processed
  • The right to object to your data being used for marketing purposes, especially commercial prospecting
  • The right to object to marketing profiling, which means that you will continue to receive commercial solicitations, but these will be less relevant and will no longer be targeted according to your interests
  • The right to establish general and/or specific directives concerning the fate of your personal data and the way you want your rights to be exercised after your death. In this regard, in the event of a death brought to our attention, your data will be deleted, unless it is necessary to retain it for a specified period for reasons related to our legal and regulatory obligations and/or legal prescription periods, and if necessary, have been communicated to a third party possibly designated by you.

6.2 You can exercise your rights with the Data Protection Officer

  1. By sending a postal letter to the following address: Data Protection Officer – Purecontrol 68 Avenue Sergent Maginot 35000 – Rennes France
  2. By sending an email to the following email address: dpo@purecontrol.com

For reasons of confidentiality and the protection of your personal data, the company must verify your identity before responding to such a request. Therefore, any request to exercise these rights must be accompanied by a signed copy of an identity document.

In the event of an unsatisfactory response, you can file a complaint with the French National Commission on Informatics and Liberty (CNIL).

6.3 Opt-Out of Commercial Offers

You can object to commercial solicitations at any time, as provided by the relevant communication channel.

In the case of solicitation by email:

  • You always have the possibility to object to receiving these solicitations by taking the following actions: By clicking on the unsubscribe link provided in each email or by contacting our customer service at support@purecontrol.com.

Commercial Solicitations by Phone:

  • You have the option to object to commercial phone solicitations by taking the following actions: Sending an email to the address dpo@purecontrol.com requesting the immediate cessation of commercial phone solicitations from Purecontrol.

7. Security of Personal Data

As the data controller, we take all necessary measures to protect the security and confidentiality of data, particularly to prevent data from being damaged or accessed by unauthorized third parties. To this end, we make every effort to ensure the physical security of the buildings housing our computer systems, as well as the security of the computer system by providing encryption measures. Furthermore, we ensure that our subcontractors comply with the rules for the protection of personal data.

7.1 Updating the Personal Data Protection Policy

This personal data protection policy may be modified or adjusted at any time

7.2 Procedures in Case of Data Breach

We take the protection of your personal data very seriously and commit to acting quickly and effectively in the event of a data breach. This section describes the procedures we have put in place to deal with such situations.

7.2.1 Notification of Data Breach

If we become aware of a data breach that could pose a risk to your rights and freedoms, we will immediately notify the competent supervisory authority in accordance with our obligations under the GDPR. We will also take steps to mitigate any potential harmful effects of the data breach.

7.2.2 Notification to Affected Individuals

In cases where a data breach could pose a high risk to your rights and freedoms, we will inform you appropriately and in accordance with the applicable legal requirements. This notification will include information about the nature of the breach, the affected data, potential consequences, and measures taken to address the situation.

7.2.3 Investigation and Corrective Measures

We will conduct a comprehensive internal investigation to understand the nature of the data breach, its causes, and its extent. Based on the results of this investigation, we will take corrective measures to prevent similar breaches in the future.

7.2.4 Communication with Supervisory Authorities and Affected Individuals

Your content goes here. Edit or remove this text inline or in the module CaWe will fully cooperate with supervisory authorities and affected individuals as part of the data breach investigation. We will provide all required information in a transparent and compliant manner.ontent settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

7.2.5 Documentation

We will maintain detailed records of all data breaches, including breach details, remediation efforts, notifications sent, and corrective actions taken. These records will be kept in accordance with legal requirements.

7.2.6 Data Breach Contact Point

If you become aware of or suspect a data breach related to your personal information in our possession, please contact us immediately at [data breach contact email] or [emergency phone number]. We encourage you to report any concerns related to data security, as your contribution is essential for protecting your personal data.