Your private life is a priority at CNR
In order to ensure we are as transparent as possible with you, we first set out our personal data protection policy. Second, we present how your personal data allow our services to function, how we collect them, how we ensure they are used properly, and how they are protected.
Our personal data protection policy
The processing of personal data collected on the internet site cnrnco.com is done by CNR, a joint stock company with a paid-up capital of €5,488,164, enrolled on the Trade Registry of Lyon under number 957 520 901, whose head office is located at 4 rue André Bonin 69004 Lyon, France.
In conformity with the law on “Computer Technology and Freedom”, amended, the collection and processing of your personal data by CNR are necessary to process demands made by the general public for information. The legal basis for such processing is legitimate interest (cf. article 6.1.f of the European General Regulations on Data Protection). The data processed are: name, first name, email address. CNR may also use browser data collected on its internet site and associate them with other data.
The addressees of these personal data are, in the strict framework of the purposes mentioned above: the duly authorised personnel of CNR, their service providers, partners and subcontractors, in the present case: Ordinaire Extra l’agence.
The data processed are kept only for the time required to perform the actions mentioned above, within the limit of the statutory periods in force. The data are kept for a maximum period of five (5) years counting from their collection or the last contact made by an individual.
The user of the internet site cnrnco.com can, at any moment, refuse the deposit of cookies on their computer and deactivate the cookies possibly already deposited.
You have the right to access, correct and delete your personal data. You are entitled to withdraw them when consent is required for processing. Under certain regulatory conditions, you are entitled to request that such processing be limited or refuse it. You can exercise these different rights by contacting the services of the Data Protection Delegate (DPD) directly by letter sent to the following address:
CNR
Délégué à la Protection des données, DJEA
2 rue André Bonin
69316 Lyon Cedex 04
donnees.personnelles@cnr.tm.fr
If you decide to make known your rights by letter, you must prove your identity by enclosing a copy of your national identity card with your letter.
You can also request the portability of the data that you have transmitted when necessary for the contract or when your consent was required.
You also have the right to issue directives relating to the fate of your personal data after your decease.
Claims affecting the collection or the processing of your personal data can be sent to the service of the Data Protection Delegate (DPD), whose address was given above. In the case of persistent disagreement regarding your data, you have the right to contact the CNIL (the body competent in the matter) at the following address:
Commission Nationale Informatique et Libertés
3 place de Fontenoy
75007 Paris
https://www.cnil.fr/fr/vous-souhaitez-contacter-la-cnil
33 (0)1 53 73 22 22
What exactly are personal data?
They are data that can be used to recognise you directly or indirectly. For example, they can include your name, your postal address, your telephone number and your email address.
2 types of data can be collected by CNR:
- Your contact da ta: name, first name, email address, telephone number, etc.
- Your behaviour on our sites: duration of visit, buttons clicked, etc.
In particular, we use this information to communicate with you. Operations, called processes, are executed on your data such as collection, storage, utilisation, etc. For further information, consult the full definitions on the CNIL site.
Your data are essential to ensure the quality of our services and your experience.
Your data are essential to us so we can provide you with a service in keeping with your expectations in terms of simplicity and fluidity. They help us to improve our services. For example, by analysing your feedback and comments following your browsing on our site.
You communicate your data to us when you use our services.
- Contextual data such as information on you browsing on our site, when you leave a comment, etc.
- Cookies: when you visit any internet site, these small files leave a trace of your browsing session.
Your data are in good hands
The data that you communicate to us via our site are above all used to satisfy your demand. They are collected for CNR’s internal services and for our subcontractors which are contractually committed to conforming to European legislation, even when they are situated outside the European Union.
In conformity with the regulations, we may transfer your data to an authorised third party such as jurisdictions or authorities of control.
We never store your data for longer than necessary
We conform to the legislation’s recommendations regarding data conservation. Certain personal data may be kept for 5 years after the expiry date of the contract for legal reasons.
Your rights: accessing, correcting, opposing, etc.
You have several rights concerning your personal data, in particular the right to access, correct and delete your personal data. You can also request their portability, oppose certain of the processes executed or demand their limitation.
To exercise these rights, contact the services of the Data Protection Delegate (DPD) directly by sending a letter to the following address:
CNR
Délégué à la Protection des données, DJEA
2 rue André Bonin
69316 Lyon Cedex 04
donnees.personnelles@cnr.tm.fr
If you decide to make known your rights by letter, you must prove your identity by enclosing a copy of your national identity card with your letter.
CNR protects your private life
We apply adapted security measures to protect your data against any inappropriate intrusion, loss, damage or disclosure to an unauthorised third party.
The information system, servers and networks that we use to process and store personal data are equipped with security and protection systems (data encryption, firewall, redundancy, safeguard, etc.).
We only issue authorisations to access our information system to employees that require them in order to carry out their work. In addition, we make our employees aware of the protection of personal data made available to them in the framework of their functions.
We require our service providers to conform to the same principles of protection.
The present Charter may be modified at any time, due in particular to the introduction of new services or technologies, or changes in the legislation and regulations.
We invite you to consult this page regularly to learn of any possible modifications.