Fit4Finance: Les mesures de l'UE pour financer ma PME

Mercredi le 30 septembre 2020 ,

POLITIQUE DE PROTECTION DES DONNÉES PERSONNELLES

Le présent document a pour objet de vous informer de la manière dont la Chambre de Commerce de Luxembourg traite[1] les données personnelles vous concernant (ci-après « Vos Données ») conformément aux règles établies par le Règlement (UE) 2016/679 du Parlement européen et du Conseil du 27 avril 2016 relatif à la protection des personnes physiques à l'égard du traitement des données à caractère personnel (ci-après « RGPD »).

Identité du responsable de traitement

La Chambre de Commerce de Luxembourg, constituée sous la forme d’un établissement public, établie et ayant son siège à L-1615 LUXEMBOURG, 7, rue Alcide de Gasperi, est responsable du traitement de Vos Données.

Catégories de données personnelles traitées

La Chambre de Commerce de Luxembourg traite principalement des informations d’identification et de contact :

  • de personnes physiques liées aux entreprises ressortissantes de la Chambre de Commerce (dirigeants, points de contact…),
  • de personnes physiques liées à des entreprises non-ressortissantes (dirigeants, points de contact…) ou à des entités publiques,
  • de personnes physiques liées à ses prestataires de services, ainsi que
  • d’autres personnes physiques ayant demandé à bénéficier de services proposés par la Chambre de Commerce (conférences, abonnement à la newsletter ou à la veille des marchés publics…).

La Chambre de Commerce de Luxembourg traite également des images et exceptionnellement des données sensibles (allergies ou préférences alimentaires) des personnes participant aux événements et missions économiques qu’elle organise.

En tout état de cause, la Chambre de Commerce de Luxembourg est soucieuse de respecter le principe de minimisation de Vos Données et veille à ce que seules soient traitées, les données adéquates et pertinentes au regard de ce qui est nécessaire à la poursuite des finalités déclarées.

Sources des données personnelles traitées

La Chambre de Commerce de Luxembourg collecte Vos Données soit directement auprès de vous, soit indirectement auprès de tiers.

Fondements et finalités des traitements

Le traitement de Vos Données est fondé :

  • soit sur le fait que le traitement est nécessaire à l'exécution des missions d'intérêt public dont la Chambre de Commerce de Luxembourg est investie[2] (promotion d’un cadre législatif et réglementaire propice au développement économique, promotion des relations économiques et commerciales au niveau international, développement et promotion de la formation professionnelle, réalisation d’études et analyses en matière commerciale, industrielle et financière…),
  • soit sur le fait que le traitement est nécessaire aux fins des intérêts légitimes poursuivis par la Chambre de Commerce de Luxembourg (communication relative aux évènements qu’elle organise…),
  • soit sur le fait que le traitement est nécessaire au respect d’une obligation légale à laquelle la Chambre de Commerce de Luxembourg est soumise (correspondances et communications diverses à l’attention des personnes physiques auprès des entreprises ressortissantes ou non-ressortissantes (dirigeants, points de contact…), des administrations, des fédérations…),
  • soit sur le fait que le traitement est nécessaire à l’exécution d’un contrat conclu avec la Chambre de Commerce auquel vous êtes partie,
  • soit avec votre consentement (abonnement à la newsletter de la Chambre de Commerce…).

Transferts de Vos Données

Vos Données sont traitées en interne par les personnes dûment habilitées, dans la limite de leurs attributions respectives.

Afin d’accomplir les finalités précitées, la Chambre de Commerce de Luxembourg peut être amenée à transférer Vos Données à :

  • ses partenaires institutionnels (fédérations patronales, ministères, administrations, ambassades, chambres professionnelles) ou ses partenaires non-institutionnels (entreprises, formateurs, prestataires de services) notamment dans le cadre de la co-organisation d’évènements (missions économiques, conférences…);
  • ses prestataires de services dans le cadre de l’envoi de newsletter et autres communications ;
  • ses sous-traitants réalisant un traitement de données pour son compte (réalisation d’enquêtes économiques ou d’enquêtes de conjoncture).

Dans le cadre de ses activités internationales, la Chambre de Commerce de Luxembourg peut être amenée à transférer Vos Données vers une organisation internationale ou un pays situé hors de l’Espace économique européen[3] :

  • bénéficiant d’une décision d’adéquation rendue par la Commission européenne ;
  • ne bénéficiant pas d’une décision d’adéquation rendue par la Commission européenne, auquel cas ces transferts sont encadrés par l'utilisation de clauses contractuelles appropriées ou de clauses contractuelles types élaborées par la Commission européenne afin d'assurer en toutes circonstances un niveau de protection adéquat aux données transférées ;
  • en l’absence de décision d’adéquation ou de garanties appropriées, sur base de votre consentement explicite.

Vos droits

Vous disposez d’un droit d’accès à Vos Données, d’un droit de rectification en cas d’erreur dans Vos Données ainsi que, sous réserve de justifier des raisons prépondérantes et légitimes prévues au RGPD, d’un droit à la limitation du traitement et d’un droit d’opposition à la collecte de Vos Données. Cependant dans ces deux dernières hypothèses, l’exercice de ce droit n’annihile pas la validité antérieure du traitement.

Vous disposez par ailleurs d’un droit à l’effacement de vos données personnelles.

Veuillez noter que la loi autorise la Chambre de Commerce de Luxembourg à conserver et continuer à traiter certaines données personnelles, même lorsque vous avez exercé vos droits d'opposition ou d'effacement, pour des raisons légitimes et impérieuses telles que le respect de la loi applicable et notamment de la loi modifiée du 26 octobre 2010 portant réorganisation de la Chambre de Commerce.

Pour l’exercice de vos droits, vous pouvez vous adresser au Délégué à la protection des données de la Chambre de Commerce de Luxembourg (dpo(at)cc.lu).

En outre, vous avez à tout moment le droit d’introduire une réclamation auprès de la Commission Nationale pour la Protection des Données (CNPD), à L-4370 BELVAUX, 15, boulevard du Jazz, ou auprès de l’autorité de surveillance compétente de votre état de résidence ou du lieu de l’infraction alléguée, si vous estimez que vos droits énoncés ci-avant n’ont pas été respectés.

Sécurité de Vos Données

Les données personnelles recueillies par la Chambre de Commerce de Luxembourg sont traitées par elle, en qualité de responsable du traitement, dans le respect de la législation sur la protection des données applicable.

La Chambre de Commerce de Luxembourg s’engage à mettre en œuvre les mesures de sécurité techniques et organisationnelles nécessaires à la protection de Vos Données.

Durée de conservation de Vos Données

La Chambre de Commerce de Luxembourg conserve Vos Données aussi longtemps qu’elle en a besoin pour respecter les dispositions légales et réglementaires qui s’appliquent à elle ou aussi longtemps qu’elle en a besoin pour garantir l’exécution des finalités pour lesquelles elles ont été collectées.

Cookies

Le site de la Chambre de Commerce de Luxembourg utilise des cookies. Les cookies sont des petits fichiers texte placés sur votre équipement par les sites que vous visitez. Ils sont généralement utilisés pour faire fonctionner les sites internet plus efficacement, ainsi que pour fournir des informations au propriétaire du site.

Les cookies sont généralement stockés sur le disque dur de votre ordinateur. La Chambre de Commerce de Luxembourg utilise l'information recueillie à partir de cookies pour évaluer l'efficacité de son site. Les informations collectées à partir des cookies lui permettent de déterminer quelles sont les parties de son  site les plus visitées et les difficultés que ses utilisateurs peuvent rencontrer pour y accéder. Avec ces informations, la Chambre de Commerce de Luxembourg peut améliorer la qualité de votre expérience sur son site et fournir plus de fonctionnalités et d'informations, ainsi que résoudre des difficultés d'accès.

La Chambre de Commerce de Luxembourg utilise des fournisseurs de services tiers, pour l’aider à mieux comprendre l'utilisation de son site, lesquels peuvent placer des cookies sur le disque dur de votre ordinateur.

Si vous voulez éviter d'utiliser des cookies, vous pouvez désactiver les cookies dans votre navigateur ou votre équipement. Cependant, la désactivation des cookies peut vous empêcher d'utiliser certaines fonctionnalités du site de la Chambre de Commerce de Luxembourg ou de ses services.

Modification de la présente politique de protection des données personnelles

La Chambre de Commerce de Luxembourg se réserve le droit de modifier la présente politique de protection des données personnelles à tout moment et sans préavis. Seule la version française actualisée de la présente politique de protection des données personnelles accessible en ligne fait foi.


[1] Un « traitement » de données consiste notamment dans la collecte, l'enregistrement, l'organisation, la structuration, la conservation, l'adaptation, la modification ou l'utilisation de vos Données.

[2] Selon l’article 2 de la loi modifiée du 26 octobre 2010 portant réorganisation de la Chambre de Commerce

[3] L’Espace économique européen comprend l’Union européenne, le Lichtenstein, la Norvège et l’Islande.

swapcard privacy policy

 

1. Definition and nature of personal data

Whenever you use the platform, that can be accessed from the  www.swapcard.com website and/or on the "Swapcard" mobile application, (hereinafter referred to as the "Platform"), for the purposes of using the provided networking services that enable you to increase your professional network, we may request some personal information about you.

We also collect some of your personal data when you register directly on our Platform to participate in a professional event, or when an event organizer wishes to provide you with our services within the context of the event for which you are registered and sends us your contact details in order that we may contact you.

The term "personal data" refers to any and all information which enables an individual to be identified, more specifically your surname, first name(s), postal and email addresses, telephone number(s), data concerning transactions on the Platform, bank card numbers, as well as any other information about you which you may choose to provide us with.

2. Purpose of this Charter

The purpose of this charter (hereinafter referred to as the "Charter ") is to inform you of the means by which we collect and process your personal data, with the strictest respect for your rights.

In this regard, we would like to point out that when collecting and managing your personal data, we comply with the current version of the French law No. 78-17 of 6 January 1978 on Information Technology, Data Files and Civil Liberties.

3. Identity of the entity responsible for collecting and processing data

Responsibility for the collection and processing of your personal data lies with the company Swapcard Corporation, a simplified joint stock company, registered with the Registry of Trade and Companies of Paris under number 790 356 760, whose head office is located at 6 rue de Paradis, 75010, Paris Paris, (referred to within the framework of this Charter as "Us" or "We").

4. Collecting and processing personal data

Your personal data is collected and processed for one or more of the following purposes:

  • (i) To manage your access to and use of the services available on the Platform.
  • (ii) To carry out customer management operations relating to contracts, orders, deliveries, invoices, loyalty schemes, follow-up with customers, etc.
  • (iii) To compile a list of registered members, users, customers and prospective customers.
  • (iv) To issue newsletters, invitations and promotional advertisements. Should you not wish to receive these, we offer you the option to refuse them at the moment your data is being collected.
  • (v) To sent you suggestions for networking connections with other users of the Platform. Should you not wish to receive these, we offer you the option to refuse them at the moment your data is being collected.
  • (vi) To compile commercial and web traffic statistics for our services.
  • (vii) To manage reviews on products, services or content.
  • (viii) To manage unpaid invoices and potential disputes regarding the use of our products and services.
  • (ix) To adhere to our legal and regulatory obligations.

We shall inform you, when requesting your personal data, if certain information must be provided or if it is optional. We shall also inform you of the consequences should you not wish to provide this information.

We also inform you that we are likely to collect your data indirectly, either from organizers of events which you are attending, and thus enabling you to use our services, or from other users of our services.

In this respect, you are hereby informed that we may reuse your personal data that is stored in the address book of another user of our services who has expressly authorized us to access their contacts to put you in contact with each other.

5. Recipients of the collected and processed data

Our company's staff, any authorities in charge of audits (external auditors in particular) and our subcontractors will have access to your personal data.

For the purposes of the networking service, we will also provide your personal data to the organizers of professional events for which you are registered and for which you have used the services of the Platform. The event organizer may use this data for the same purposes and under the same conditions as those referred to in this Charter. The event organizer remains solely responsible for their respect of their own legal and declarative obligations with regard to their processing of your personal data, which they carry out themselves, with their own means and for their own requirements. We are only responsible for our use of your personal data, this excluding any other use by the event organizer.

Government agencies or representatives of the law, ministerial officers or organisations responsible for the collection of debts may also be recipients of your personal data, for the sole purposes of meeting our legal obligations.

6. Assignment of personal data

Your personal data will not be assigned to, rented to or exchanged with any third party, with the exception of the organizers of events for which you are registered and to whom we provide data concerning you, in relation with their events.

We may generate, and share with organizers of events for which you are registered, usage statistics collected by individuals during an event, in order to calculate the rate of use of our services and have a clear understanding of interactions within their community. This data includes both anonymous generic usage data (e.g. number of users, average number of user contacts, percentage of user additions, number of active users) and personal data related to events organized by the organizer and for which you are registered.

7. Data retention period

(i) Regarding data relating to customer and prospect management:

Your personal data shall not be retained any longer than is strictly necessary for the management of our business with you. However, data proving the existence of a right or a contract must be kept in order to adhere to legal obligations and shall be held for the term stipulated by the applicable law.

Regarding potential prospecting operations for customers, their data may be held for a period of three (3) years after the termination of the business relationship in question.

Personal data relating to a prospective customer, who is not already a customer, may be held for a period of three (3) years from the moment it is collected or from the last contact with the prospective customer.

At the end of this period of three (3) years, we may contact you again in order to find out if you wish to continue to receive commercial solicitation.

(ii) Regarding bank card data:

Financial transactions relating to payments for purchases and fees on the Platform are entrusted to a payment service provider who ensures the smooth processing and security of these transactions.

For the purposes of the services, this payment service provider may require us to send them your personal data relating to your bank card numbers, which it collects and stores in our name and on our behalf.

We do not have access to this data.

In order to enable you to make regular purchases or pay any related fees on the Platform, data relating to your bank cards is retained for the duration of your registration on the Platform and at the very least, up to the time you carry out your last transaction.

By checking the box on the Platform expressly reserved for this purpose, you give us your express consent to retain this data.

Your banking card's security code or CVV2 code is not stored.

If you do not want your personal data relating to your bank card numbers to be retained under the conditions specified above, we shall not keep this data beyond the time necessary for the completion of the transaction.

In any event, data relating to the card may be retained for the purposes of providing proof in the event of a transaction subsequently being contested, in intermediary archives, for the period stipulated in Article L 133-24 of the French Monetary and Financial Code, namely thirteen (13) months following the date the card is debited. This period may be extended to fifteen (15) months in order to account for the possibility of deferred debit cards being used for payment.

(iii) Regarding the management of opt-out lists compiled during prospecting activities:

Information enabling recognition of your right to opt-out is retained for a minimum of three (3) years following the exercising of your opt-out right.

(iv) Regarding web audience tracking statistics:

Information stored in users' terminals, or any other means used to identify users and enabling them to be tracked or to measure the frequency of their visits, shall be retained for no longer than thirteen (13) months.

8. Security

For your information, we take all necessary precautions and appropriate organisational and technical measures to maintain the security, integrity and confidentiality of your personal data, and especially to prevent it from being altered or damaged and to prevent any third party from accessing it.

In this respect, we hereby inform you that we respect the security measures put in place by our data hosting provider, Amazon, whose security measures can be accessed on this page.

9. Hosting

We also hereby inform you that your data is stored solely on the servers of Amazon, located in Ireland, within the European Union.

Your data will not be transferred outside the European Union as part of our conditions of use of the services we offer.

10. Cookies

Cookies are text files that are often encrypted and that your web browser stores. They are created when a user's browser loads any given website: the site sends information to the browser, which then creates a text file. Each time the user comes back to the same site, the browser retrieves the file and sends it to the website server.

There are three types of cookie with differing purposes - technical cookies, social network cookies and advertising cookies:

  • Technical cookies are used throughout your browsing in order to facilitate and carry out certain functions. A technical cookie can be used, for example, to memorise responses submitted in a form or even user language or website presentation preferences, whenever such options are available.
  • Social network cookies can be created by social networking platforms to allow web designers to share the content of their sites on these platforms. These cookies may in particular be used by social networking platforms to trace the browsing of Internet users on the website in question, whether or not they use these cookies.
  • Advertising cookies can be created not only by the website which the user is browsing but also by other internet websites displaying advertising, ad banners, widgets or other elements on the page that is being displayed. These cookies can be used to carry out targeted advertising in particular, that being advertising which is determined by user browsing.

We use technical cookies. These are stored in your browser for a period of thirteen (13) months.

We use social network cookies. These cookies are only stored on your computer if you give your consent. You can learn more about them, accept them or refuse them.

We invite you to consult the privacy policies of the social networking platforms that create these cookies, to learn about the purposes and use made of browsing information collected through these cookies and the ways you can exercise your rights with regard to these platforms.

We do not use advertising cookies. However, should we use them in the future, we will inform you and seek your prior consent. You will have the option to disable these cookies should you wish to.

We use Google Analytics, which is a statistical audience analysis tool that generates cookies to measure the number of visits to the Platform, the number of page views and visitors' activity on the Platform. Your IP address is also collected to determine the city you are connecting from. The storage duration of this cookie is indicated in Article 7 (iv) of this Charter.

We would like to remind you that you may refuse technical cookies and cookies generated by Google Analytics by configuring your browser to this end. However, such a refusal may prevent the Platform from functioning correctly.

11. Consent

Providing your personal data, in order to benefit from the services we offer, represents your express consent for the collection and use of this data, in accordance with the provisions set forth in this Charter and in the applicable legislation.

12. Access to your personal data

In accordance with French law No. 78-17 of 6 January 1978 on Information Technology, Data Files and Civil Liberties, you retain the right to obtain and, where appropriate, correct or delete any data concerning you, via online access to your account. You can also direct correspondence to:

- Email Address:support@swapcard.com

- Postal Address: 6 rue de Paradis, 75019, Paris

By way of reminder, any individual may, on legitimate grounds, request limitation of the processing of their personal data or oppose said processing.

13. Portability of your personal data

You have data portability rights regarding the personal data that you provide us, understood as data that you have actively and consciously declared in order to access and use our services, as well as data generated from your activity using the services. We remind you that these rights do not relate to data collected and processed on any other legal basis than the consent or implementation of the contract binding us.

These rights can be exercised free of charge, at any time, and in particular when closing your account on the Platform, in order to recover and keep your personal data.

In this context, we will send you your personal data, through any pertinent channels, in a commonly-used and machine-readable standard open format, in accordance with industry standards.

14. Lodging a complaint with a supervisory authority

You are also hereby informed that you have the right to lodge a complaint with a competent supervisory authority (e.g. the French National Commission for Information Technology and Liberties in France - CNIL) in the Member State in which your place of residence or your workplace is located, or the place where your rights have been violated, if you consider that the processing of your personal data within the context of this Charter constitutes a violation of the applicable legal texts.

Such a complaint may be brought before an administrative or jurisdictional court without prejudice to any other claim. In such a case, you also have the right to an effective judicial and administrative redress if you consider that the processing of your personal data within the context of this Charter constitutes a violation of the applicable legal texts.

15. Amendments

We reserve the right to amend this Charter at any moment, at our sole discretion, either in its entirety or in part. Such amendments shall come into effect once the new Charter is published. Your use of the Platform following the entry into effect of these amendments, shall constitute acknowledgement and acceptance of the new Charter. Failing that, and if you are not in agreement with the new Charter, you should refrain from accessing the Platform.

16. Entry into Effect

This Charter came into effect on January, 15th 2018