top of page

LEGAL NOTICE

GDPR (General Data Protection Regulation)

Contact details of the data protection officer and file manager​: 

Mr. Etienne KAJOIN

05 32 02 81 71

contact@groupefrancredit.fr

France Credit

21 rue from Alsace Lorraine 

31000 Toulouse

1) Data collection: 

​ Personal data is all information relating to an identified or identifiable natural person. This includes information such as name, address, phone number, email address, financial data, biometric data, etc. The protection of personal data is a major issue in terms of privacy and information security. Personal data protection laws require organizations that collect, store or use personal data to do so responsibly, respecting the rights of data subjects and ensuring the security of their data.

France credit collects your personal data directly either through the forms available to you on the website or in your France credit customer area. 

All personal data concerning you will be used exclusively by France Crédit for the purpose of:  

- To be able to answer any questions you may have  

- Allow you to access our services 

- Allow us to carry out any communication campaigns

When creating your personal account and in the event of any modifications, the email address and password used as identifiers are confidential and strictly personal. You then agree not to share it. In the event of loss, misappropriation or use against you of your personal customer space, you must immediately notify us (Contact@groupefrancecredit.fr) so that we can take the necessary measures (resetting identifiers or even blocking your account).

2) Data Protection 

 

Data protection is a set of practices and procedures aimed at ensuring the confidentiality, integrity and availability of digital data. It includes implementing security measures such as data encryption, user authentication, and access management to prevent data leaks and privacy breaches. This information is covered by professional secrecy and will in no case be sold, rented or made accessible to third parties, unless the company France Crédit must communicate to them in your interest (provide the service or benefit you request, express request of any judicial or administrative authority or if you have previously authorized their sharing. 

 

Apart from your request for deletion, the data that you have communicated to us will be stored throughout your business relationship (customer) with France Crédit. These will be deleted 5 years after the end of the business relationship or after 3 years for all prospects. 

 

 

France Crédit implements the following general and IT security measures for personal data:  

 

- Access limited to premises 

- Storage or archiving of personal data in a place that is not accessible to everyone and secure 

- Determine the persons authorized to access personal data. 

- Securing mobile computing

- Regular backups and storage of backup media in a safe place

- Authentication of users by an identifier and a password for access to their own customer account.

3) Rights of access, rectification, erasure, opposition, limitation, portability 

The Data Protection Act of January 6, 1978 is a French law which establishes the principles relating to the protection of personal data. It aims to guarantee the confidentiality of personal information by defining the rules for its collection, use, storage and dissemination. The law applies to the processing of personal data carried out by public and private persons in France. It was updated in 2018 to take into account new information and communication technologies.

- Right of access: the right to receive confirmation that personal data concerning them is or is not being processed and, where applicable, to obtain access to this data.

- Right of rectification: the right to request the correction, updating or deletion of inaccurate, incomplete or outdated personal data.

- Right of opposition: the right to oppose the processing of personal data for legitimate reasons.

- Right to data protection: the right to be informed about the means of protecting personal data and about the guarantees provided by the controller.

- Right to limitation of processing: the right to request the limitation of the processing of personal data in certain situations.

- Right to data portability: the right to receive the personal data provided by him in a structured, commonly used and machine-readable format.

- Right to file a complaint with the supervisory authority: the right to file a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL) in the event of a violation of one's rights.

4) Data Breach Procedure: 

A personal data breach is a breach of security resulting in the unlawful or accidental destruction, alteration, loss and unauthorized disclosure of personal data transmitted, stored or otherwise processed or again, unauthorized access to such data. 

Except in cases where the violation is not likely to create a risk for the rights and freedoms of natural persons, France Crédit notifies the CNIL as soon as possible and if possible within 72 hours of becoming aware of it.

France Crédit will directly inform the person concerned of this act of violation, except, if the violation is not likely to create a strong risk for the rights and freedoms of a natural person, to inform the person concerned directly of the violation. .

If you suspect a breach of your data, it is important to take the following steps quickly and in an organized manner:

 

Confirm the breach: Start by checking to see if a breach actually took place. If you cannot confirm the breach, you can consult security experts to help you.

Stop the data leak: If you have confirmed the breach, it is important to stop the data leak immediately to minimize potential damage.

Back up the evidence: To be able to deal with the breach effectively, you need to collect evidence of what happened. This may include screenshots, server logs, etc.

Notify affected individuals: If personal data has been compromised, you are required to notify affected individuals as soon as possible.

Contact relevant authorities: If the breach is serious, you may need to contact relevant authorities, such as the police or data protection authorities.

Assess and Remediate Security Gaps: Once the breach has been handled, it is important to conduct a thorough assessment of your security system to determine how the breach may have occurred and how it can be prevented in the future .

Take measures to prevent future breaches: Finally, put in place measures to prevent future breaches, such as training staff, implementing stricter security policies, updating your security systems, etc

It is important to note that the exact procedures will vary depending on your organization, the seriousness of the breach and applicable law. It is therefore recommended to consult a security expert for personalized advice.

bottom of page